See the extension-types.html page in the docs/getting-started directory of your Server SDK build to learn more about specific extension types.

The Server SDK supports the following extensions:

Extensions Description

Access Loggers

Record information about operations processed by the server. This includes information about connections that are established and closed, as well as whenever requests are received from clients or responses are returned to clients.

Access Token Validators

Validate access tokens submitted by client applications for access to protected HTTP resources.

Alert Handlers

Convey alert notifications generated within the server to administrators so they can take appropriate action. Alert notifications report significant errors, warnings, or events that may warrant immediate attention.

Error Loggers

Record information about events occurring in the server, including warning and error conditions, informational messages, and some limited debugging information (although most debugging information is made available through debug loggers rather than error loggers).

HTTP Operation Loggers

Record information about communication performed by HTTP clients, including requests received and responses written.

HTTP Servlet Extensions

Create servlets that perform custom processing in response to requests received from HTTP clients. HTTP Servlet Extensions can customize the paths for which they should be invoked, the set of initialization parameters, the initialization order, and an optional set of filters that may be used in conjunction with the servlet.

Key Manager Providers

Provide access to Java key managers, which you use to obtain access to a certificate that you might need to present to another system. This includes cases where the server is configured to accept connections from secure clients using SSL or StartTLS, and also when it needs to establish secure connections to other systems with a certificate for client authentication.

Manage Extensions Plugins

Introduce custom processing at various points in the extension bundle installation process while using the manage-extension tool.

You can invoke Manage Extension Plugins in the following contexts:

  • Before any files are copied during a first-time install of the extension bundle
  • After files are copied during a first-time install of the extension bundle
  • Before any files are updated during the update of an installed extension bundle
  • After all files are updated during the update of an installed extension bundle

Monitor Providers

Report information about the state of components within the server, and can be used for health-checking purposes, real-time and historical monitoring, and debugging and troubleshooting. You can use each Monitor Provider instance to generate a single monitor entity, generally with information about a single component of the server.

OAuth Token Handlers

Validate incoming SCIM requests using OAuth 2.0 bearer tokens for authentication. Implementations of this API are responsible for decoding the bearer token and checking it for authenticity and validity.


Introduce custom processing at various points in the server life cycle or in interaction with clients. You can use Plugins to alter some content before the server performs other processing on it. For example, you can use pre-parsing Plugins to alter the content of a request read from a client or reject that request with an error.

Trust Manager Providers

Provide access to Java trust managers, which the server uses to determine whether to trust a certificate presented to it. This includes cases where a client using SSL or StartTLS presents its own certificate to the server, and also when the client needs to establish secure connections with other systems.


Carry out custom processing directives included in a policy decision result. For example, you can use an advice to add or remove response content.

Store Adapters

Serve as a native interface to a backend data store. Store Adapters are aggregated into a SCIM Resource Type in the PingAuthorize Server, which supports a SCIM front-end which can be backed by any number and type of native data stores.

Store Adapter Plugins

Perform processing on Store Adapter operations before and after those operations are processed by a Store Adapter.

Token Resource Lookup Methods

Look up the attributes of an access token owner. Using the result of Access Token Validator processing as input, a Token Resource Lookup Method can query a data store to obtain the token owner's attributes. These attributes are then made available to policies for making access control decisions.