PingOne

Editing custom ID token mappings

You can customize the content of an OIDC ID token by adding custom attributes and their values.

The claim defined by the mapping is returned in the ID token, regardless of the scopes specified in the authorization request. For example, if you want to include a user’s account ID in ID tokens associated with the specified OpenID Connect (OIDC) application, you can map the user’s account ID to the accountId PingOne user attribute.

You can map PingOne user attributes or static attributes to custom attributes in the application you are adding.

Mapping PingOne attributes

You can map PingOne attributes to custom attributes in your application. For example, you could map account ID in PingOne to User ID in the application.

Steps

  1. Go to Applications → Applications.

  2. Locate the application for which you want to map attributes. You can browse or search for applications. To add an application, see Adding an application.

  3. Click the application entry to open the details panel for the application.

  4. Click the Attribute Mappings tab, and then click the pencil icon.

  5. Click Add attribute.

  6. Enter the following:

    • Application attribute. Enter the custom application attribute, such as account ID.

    • Outgoing value. Select an attribute in the list, such as User ID. You can browse or search for attributes.

  7. If the value is a required attribute for the application, select the Required check box.

    If you request an ID token with a claim that is marked as required but doesn’t have a value, PingOne will return an error. If the value is not marked as required and doesn’t have a value, the property will be omitted from the token.

  8. To use the expression builder, click Advanced expression. For more information, see Using the expression builder.

  9. Click Save.

Mapping static attributes

Some service providers require global values for all users to be passed in the assertion. You can use PingOne to map these keys to fixed values.

Steps

  1. Go to Applications → Applications.

  2. Locate the application for which you want to map attributes. You can browse or search for applications. To add an application, see Adding an application.

  3. Click the application entry to open the details panel for the application.

  4. Click the Attribute Mappings tab, and then click the pencil icon.

  5. Click Add attribute.

  6. Enter the following:

    • Application attribute. Enter the custom application attribute, such as Version.

    • Outgoing value. Enter a value, such as 2.0.

  7. To use the expression builder, click Advanced expression. For more information, see Using the expression builder.

  8. Click Save.