This feature is useful for:
  • Data control
  • Information security
  • Resource management

Again, we continue using the meme games API used in Getting started with PingAuthorize (tutorials).

We first set up some Trust Framework attributes and services to provide consent status. Then we create a policy with rules that use the consent status to include, exclude, or modify attributes in the response. The following topics cover the Trust Framework tasks. If you completed Use case: Using consent to determine access to a resource, you have already finished the tasks of setting up Trust Framework attributes and services. Those tasks are the same for both use cases.
  1. Getting a path component from the request URL
  2. Getting the requestor identifier from the access token
  3. Searching for consent granted by resource owner to requestor
  4. Getting consent status from the consent record
  5. What is different for this use case is the policy itself. The following topic explains how to add rules with statements to include, exclude, or modify attributes in the response.

    Creating a policy to check consent and then change the server response