The containers must be on the same Docker network to communicate properly.

Sign on to the Policy Editor and import a policy snapshot. You can find a set of default policies in the resource/policies/defaultPolicies.SNAPSHOT file. For more information, see Signing on to the PingAuthorize Policy Editor.

To configure PingAuthorize Server to use the Policy Editor, use dsconfig or the administrative console to create a Policy External Server to represent the Policy Editor, then assign the Policy External Server to the Policy Decision Service and configure it to use external PDP mode. Also, set the Trust Framework Version to the current version, v2.

Consider the following example. Assume a container named pingauthorize and that no files are needed from the file system. The following commands run dsconfig from within the container.

docker exec pingauthorize /opt/out/instance/bin/dsconfig create-external-server \
  --server-name "Policy Editor" \
  --type policy \
  --set "base-url:https://<pap-hostname>:<pap-port>" \
  --set "shared-secret:2FederateM0re" \
  --set "branch:Default Policies"
docker exec pingauthorize /opt/out/instance/bin/dsconfig set-policy-decision-service-prop \
  --set pdp-mode:external \
  --set "policy-server:Policy Editor" \
  --set trust-framework-version:v2

In the example, the base URL consists of the host name and port chosen for the Policy Editor during setup. The shared secret value is 2FederateM0re by default. The branch name corresponds to the branch name that you chose when importing your policy snapshot.