Do not use the Policy Editor in a pre-production or production environment. Define policy configuration keys in the PingAuthorize Server configuration.
When using embedded PDP mode, policy configuration keys are stored in the PingAuthorize Server configuration, and the server provides the policy configuration key values to the policy engine at runtime. You can use either the administrative console or dsconfig to define policy configuration keys.
Policy configuration key values are stored in encrypted form in the PingAuthorize Server configuration, so they are suitable for storing sensitive values such as server credentials.
Define policy configuration keys using the administrative console by following these steps:
- In the administrative console, under Authorization and Policies, click Policy Decision Service.
Click New Policy Configuration Key.
- For Name, enter ConsentBaseUri.
- For Policy Configuration Value, type the base URI. For example, https://consent-us-east.example.com/consent/v1.
- Save the policy configuration key.
Repeat the previous steps for the policy configuration keys
The following example shows how to use dsconfig to create a policy
configuration key named
ConsentServiceBaseUri with the value
dsconfig create-policy-configuration-key \ --key-name ConsentServiceBaseUri \ --set policy-configuration-value:https://example.com/consent/v1