Adding a game invitee list attribute
Learn how to use the Trust Framework to add an attribute for the invitee list of other game players.
About this task
To create a policy that meets your business requirements, you’ll need two attributes:
-
To determine whether the user’s email address comes from a generic domain, you’ll use the built-in PingOne user email address attribute for the user authenticated to the application.
-
To determine whether the user is inviting others to play the Meme Game, you’ll create an attribute in the Trust Framework for the invitee list of other game players. You’ll extract the invitee list from the API request body.
Steps
-
In PingOne, go to Authorization → Trust Framework and click the Attributes tab.
-
Click the icon and select Add new Attribute.
-
For the attribute Name, enter
New game invitee list
. -
Verify that there is no Parent selected. If a parent exists, click the Delete icon to remove it.
-
In the Resolvers section, click Add Resolver.
-
For the Resolver Type, select Attribute.
-
For Select an attribute, select PingOne → API Access Management → HTTP → Request → Body.
This resolver returns the decision request body. For more information, see Resolvers.
-
Click Value Processors and then click Add Processor.
-
Make sure the Processor type is JSON Path.
-
Enter
$.data.attributes.invitees
in the input box for the JSON Path Processor. -
For Value Type, select Collection.
This processor extracts the invitee list from the decision request body. For more information, see Processors.
-
For Value Settings:
-
Select the Default value check box, and then enter open and closing brackets ([]) for the default value.
This sets the default value to an empty collection, ensuring that the attribute resolves successfully if the invitee list is empty. For more information, see Value settings.
-
For the Type, select Collection.
-
-
Click Save Changes.
Result
You’ve added an attribute in the Trust Framework for the invitee list of other game players.
Next steps
Next, you’ll put everything together in a custom policy that authorizes the specific conditions under which a user can start a game.