PingID Administration Guide

Configuring policy contract grant mapping

Configure policy contract grant mapping for the PingFederate integration.

About this task

Manage the mappings from the authentication policy contract you created into the persistent grant contract.

Steps

  1. In PingFederate, configure policy contract grant mapping.

    For more information, see Grant mapping.

    Choose from:

    • PingFederate 10.1 or later: Click Authentication → OAuth

    • PingFederate 10 or earlier: In the OAuth Server tab, Grant Mapping area, click Authentication Policy Contract Mappings.

  2. In the Policy Contract Mapping window:

    1. In the Policy Contract field, select the authentication policy contract you created earlier and then click Add Mapping.

    2. On the Attribute Sources & User Lookup tab, click Next.

    3. On the Contract Fulfillment tab, enter the following and then click Next:

      • From the USER_KEY source list, select Authentication Policy Contract, and in the Value field, select subject.

      • From the USER_NAME source list, select Authentication Policy Contract, and in the Value field, select subject.

    4. On the Issuance Criteria tab, click Next, and then on the Summary tab, click Save.

      Result:

      The new policy grant mapping is shown in the Mappings list.