You can use the Token Management connector to:

  • Create ID, access, or JWT tokens.
  • Get details about tokens.
  • Redirect user with error.

Setup

Resources

For information and setup help, see the following:

Configuring the Token Management connector

Add the connector in DaVinci as shown in Adding a connector, then configure it as follows.

Note:

This connector doesn't have a configuration at the environment level. You configure it in your flow instead.

Using the connector in a flow

Token creation

The connector has several capabilities that allow you to create tokens:

  • Create Tokens with OIDC Redirect
  • Create Tokens with Custom Claims
  • Create Tokens without OIDC Redirect

No special flow configuration is needed. Add the capability and populate its properties according to the help text.

Token details

The connector has several capabilities that allow you to get details about tokens:

  • Get Session Token Details
  • Get Token Details

No special flow configuration is needed. Add the capability and populate its properties according to the help text.

OIDC redirect with error

You can use the Redirect User with Error capability to redirect users with error.

No special flow configuration is needed. Add the capability and populate its properties according to the help text.

Capabilities

Create Tokens

ID/Access/Session JWT Tokens and OIDC Redirect

Details
Details
Properties
createSessionTokenFlag toggleSwitch
Input Schema
default object
userInfo object
skOpenId object
domainPublicHost string
Create Tokens with Custom Claims

ID/Access/Session JWT Tokens with Custom Claims and OIDC Redirect

Details
Details
Properties
claimsNameValuePairs selectNameValueListColumn
idTokenExpiry textField
claimsNameValuePairsAccessToken selectNameValueListColumn
accessTokenExpiry textField
createSessionTokenFlag toggleSwitch
claimsNameValuePairsSessionToken selectNameValueListColumn
sessionTokenExpiry textField
customScopesFlag toggleSwitch
customScopes textField
customScopesSeparateField toggleSwitch
customScopesSeparateFieldName textField
encryptionFlag toggleSwitch
encryptionKey codeEditor
encryptionAlg dropDown
encryptionContentAlg dropDown
shadowUserNotPresentFlag toggleSwitch
Input Schema
default object
userInfo object
skOpenId object
domainPublicHost string
Get Session Token Details

Session Token claims are extracted from the JWT token

Details
Details
Properties
sessionTokenName textField

Default:

sessionToken
sessionTokenLocation dropDown
sessionToken textField
resolveToUser toggleSwitch
Input Schema
default object
type object
Output Schema
output object
claims object
properties object
sub string
aud string
iss string
usage string
loa number
scope string
jti string
iat number
exp number
Get Token Details

Claims are extracted from any JWT token signed by DaVinci

Details
Details
Properties
genericToken textField
errorOnExpiry toggleSwitch
Input Schema
default object
type object
Output Schema
output object
claims object
properties object
sub string
aud string
iss string
usage string
loa number
scope string
jti string
iat number
exp number
Redirect User with Error

Redirect user to RP with standard/customized error

Details
Details
Properties
customErrorFlag toggleSwitch
errorMessage textField
errorDescription textField
errorCode textField
errorReason textField
Input Schema
default object
skOpenId object
Create Tokens

Create Tokens (without any OIDC Redirect).

Details
Details
Properties
createIdTokenFlag toggleSwitch
claimsNameValuePairs selectNameValueListColumn
idTokenExpiry textField
createAccessTokenFlag toggleSwitch
claimsNameValuePairsAccessToken selectNameValueListColumn
accessTokenExpiry textField
createSessionTokenFlag toggleSwitch
claimsNameValuePairsSessionToken selectNameValueListColumn
sessionTokenExpiry textField
customScopesFlag toggleSwitch
customScopes textField
customScopesSeparateField toggleSwitch
customScopesSeparateFieldName textField
Input Schema
default object
userInfo object
skOpenId object
domainPublicHost string
Output Schema
output object
access_token string
id_token string
session_token string