The OAuthToken object contains the OAuthOAuth A standard framework that enables an application (OAuth client) to obtain access tokens from an OAuth authorization server for the purpose of retrieving protected resources on a resource server. access token and related identity attributes. The OAuthToken instance is available only for OAuth Groovy script rules.

Groovy sample

def scopes = policyCtx?.context.get("oauth_token")?.scopes
def attr = policyCtx?.context.get("oauth_token")?.attributes
def username = policyCtx?.context.get("oauth_token")?.attributes?.get("username")?.get(0)
exc?.request?.header?.add("x-scopes", "$scopes")
exc?.request?.header?.add("x-attributes", "$attr")
exc?.request?.header?.add("x-username", "$username")

Method summary

Method Description

Instant getExpiresAt()

Contains the expiration instant of the OAuth access token.

Instant getRetrievedAt()

Contains the instant that the OAuth access token was retrieved from PingFederate.

String getTokenType()

Contains the type of OAuth access token. (Bearer, JSON Web Token (JWT)JSON Web Token (JWT)JWT An IETF standard container format for a JSON object used for the secure exchange of content, such as identity or entitlement information. To read the industry standard, see RFC 7519).

String getClientId()

Contains the client ID associated with the OAuth access token.

Set getScopes()

Contains the set of scopes associated with the OAuth access token.

Map<String, List<String> >getAttributes()

Contains a map of identity attributes specific to the user.