Managing resource owner credentials grant mapping
Use theResource Owner Credentials Grant Mapping to map values obtained from the password credential validator instance into the persistent grants. Persistent grants and any associated attributes and their values remain valid until the grants expire or until PingFederate explicitly revokes or cleans them up.
About this task
The USER_KEY
attribute is the identifier of the persistent grants.
If extended attributes are defined in System → OAuth Settings → Authorization Server Settings, configure a mapping for each attribute.
include::partial$pf_rc_grantmapping_datastorequeries.adoc[tags=pf_ph_grantMapping_dataStoreQueries] This mapping is intended for the Resource Owner Password Credential grant type.
Steps
-
Go to Authentication → OAuth → Resource Owner Credentials Grant Mapping and perform one of the following actions.
Action Steps Create a mapping
Select the source of the attributes from the list and click Add Mapping.
Modify an existing mapping
Select your mapping under Mappings.
Remove an existing mapping or cancel the removal request
Click Delete or Undelete under Action.
+
Before removing a mapping from your configuration, ensure that it is not used by your OAuth use cases. Any corresponding entries defined in Applications → OAuth → Access Token Mapping will also be removed.