--- title: May act scripting API description: The following bindings are available to May act scripts for token exchange. component: pingoneaic page_id: pingoneaic:am-scripting:may-act-api canonical_url: https://docs.pingidentity.com/pingoneaic/am-scripting/may-act-api.html --- # May act scripting API The following bindings are available to [May act](../am-oauth2/token-exchange.html#may_act_scripts) scripts for token exchange. | | | | - | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | | This script can be either a legacy or a next-generation script. It has access to all the [common bindings](script-bindings.html) for its scripting context.Learn about converting existing scripts in [Migrate OAuth scripts to next-generation scripts](access-token-modification-migrate.html). | | Binding | Description | Legacy | Next-generation | | ------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `clientProperties` | A map of properties configured in the client profile. Only present if the client was correctly identified.Find information about the keys in [Access client properties](access-token-modification-api.html#atmapi-client-properties). | Map | Map | | `identity` | Represents an identity that Advanced Identity Cloud can access.Find examples of how to use the binding in [Access profile data](access-token-modification-api.html#atmapi-profile). | An [AMIdentity](../_attachments/apidocs/com/sun/identity/idm/AMIdentity.html) object. | A wrapper object for a scripted identity. | | `requestProperties` | A read-only object (map) of the following request properties.- `requestUri` The URI as a string. - `realm` The realm as a string. - `requestParams` A map of request parameters and posted data, where each value is an array of parameters. To mitigate the risk of reflection-type attacks, use OWASP best practices when handling these parameters. Refer to Unsafe use of Reflection. - `requestHeaders` The value of the named request header. Returns a map of `>` as a native JavaScript object, for example: ```javascript var ipAddress = requestProperties.requestHeaders["X-Forwarded-For"][0] ``` Header names are case-sensitive. | Map | Map | | `scopes` | The set of scopes in the client request. | Set of Strings | List of Strings | | `session` | A representation of the user's SSO session object. | An [SSOToken](../_attachments/apidocs/com/iplanet/sso/SSOToken.html) object. | A `ScriptedSession` object.> **Collapse: Methods** > > ```java > public String getProperty(String name) > public void setProperty(String name, String value) > ``` | | `token` | The token to be updated. The token is a mutable object, which means that changes directly update the underlying token state.Use the `token.setMayAct(JsonValue value)` method to add a `may_act` claim to a token. | An `ExchangeableToken` object | An `ExchangeableTokenScriptWrapper` object> **Collapse: Methods** > > ```javascript > public void setMayAct(Map value) throws ServerException > public Map getMayAct() > public Map getAct() > public void setAct(Map value) throws ServerException > public Object getField(String key) > ``` |