Configuring OAuth key management settings - PingAccess - 7.3

PingAccess

bundle
pingaccess-73
ft:publication_title
PingAccess
Product_Version_ce
PingAccess 7.3
category
Product
pa-73
pingaccess
ContentType_ce

Configure settings for OAuthOAuth A standard framework that enables an application (OAuth client) to obtain access tokens from an OAuth authorization server for the purpose of retrieving protected resources on a resource server. key management in PingAccess.

  1. Click Access and then go to Token Validation > OAuth Key Management.
  2. Choose to enable or disable key rolling:
    • To enable key rolling, select the Key Roll Enabled check box.
    • To disable key rolling, clear the Key Roll Enabled check box.
  3. To specify the interval at which you want to roll keys, enter a value (in hours) in the Key Roll Enabled (H) field.
  4. From the Signing Algorithm list, select a signing algorithm to protect the integrity of the token when you use private key JSON Web Token (JWT)JSON Web Token (JWT)JWT An IETF standard container format for a JSON object used for the secure exchange of content, such as identity or entitlement information. To read the industry standard, see RFC 7519 OAuth clientOAuth clientThe application in an OAuth framework that requests access to resources. If the request is approved by the authorization server, the client is issued an access token for the resources. authentication.

    If you select Automatic, you will use the algorithm specified in the OpenID Provider (OP)OpenID Provider (OP)OP In OAuth terms, an authorization server (AS). The OP/AS issues access tokens to protected resources for approved clients (relying parties). The clients use the access token to access the protected resources hosted by the OAuth resource server. metadata.

  5. Click Save.