Configuring an identity mapping - PingAccess - 7.3

PingAccess

bundle
pingaccess-73
ft:publication_title
PingAccess
Product_Version_ce
PingAccess 7.3
category
Product
pa-73
pingaccess
ContentType_ce

A header identity mapping can expose one or more attribute values to the protected API in HTTP request headers.

For more information about this procedure, including optional steps that are not included here, see Creating header identity mappings.

  1. Click Access and then go to Identity Mappings > Identity Mappings.
  2. Click + Add Identity Mapping.
  3. In the Name field, enter a name for the mapping.
  4. From the Type list, select Header Identity Mapping.
  5. In the Attribute to Header Mapping section, in the Attribute Name field, enter the name of the attribute to retrieve from the user web session. For example, sub.
  6. In the Header Name field, enter the name of the header to contain the attribute value.
    Note:

    The HTTP header you specify here is the actual header name over the HTTP protocol, not an environment variable interpreted format. For example, enter the User-Agent browser type identifying header as User-Agent, not HTTP_USER_AGENT.

  7. In the Certificate to Header Mapping section, enter the header name included in a PEM-encoded client certificatecertificate A digital file used for identity verification and other security purposes. The certificate, which is often issued by a certificate authority (CA), contains a public key, which can be used to verify the originator's identity..
    The row position correlates to the index in the client certificate chain. For example, the first row always maps to the leaf certificate. If you are using a certificate chain, click + Add Row to add another row.
  8. Click Save.