Example: Configure policy configuration keys - PingDataGovernance

Example: Configure policy configuration keys - PingDataGovernance - 8.2

PingDataGovernance

bundle

pingdatagovernance-82

ft:publication_title

PingDataGovernance

Product_Version_ce

PingDataGovernance 8.2

Example

Consider an organization that has two development environments, US-East and US-West. The organization’s policies call out to a PingDirectory Consent API policy information provider (PIP), and the Consent API’s host name differs depending on the development environment being used. If the Consent API host name was hard-coded in the Trust Framework, then a different Trust Framework would need to be used for each development environment. Instead, you can declare the host name as a policy configuration key in the Policy Administration GUI’s configuration.

To set up this policy configuration key, complete the following steps.

Make a copy of the default options file.
```
$ cp config/options.yml my-options.yml
```
Edit the new options file to define a policy configuration key in the core section called ConsentHostname.
```
core:
  ConsentHostname: consent-us-east.example.com
# Other options omitted for brevity...
```
Stop the Policy Administration GUI.
```
$ bin/stop-server
```

Run setup using the --optionsFile argument. Customize all other options as appropriate for your needs.

$ bin/setup demo \
  --adminUsername admin \
  --generateSelfSignedCertificate \
  --decisionPointSharedSecret datagovernance \
  --hostname <pap-hostname> \
  --port <pap-port> \
  --adminPort <admin-port> \
  --licenseKeyFile <path-to-license> \
  --optionsFile my-options.yml

Start the Policy Administration GUI.
```
$ bin/start-server
```

After you define the Consent API service in the Trust Framework, you can refer to the policy configuration key that you defined in the Policy Administration GUI configuration. To do this, you must first create an attribute in the Trust Framework to hold the policy configuration key value. Add an attribute with the following settings.

Property	Value
Name	ConsentHostname
Resolver Type	Configuration Key
Resolver Value	ConsentHostname

Now when you create a service in the Trust Framework, you can refer to this attribute using the {{AttributeName}} notation. For example, where the URL https://consent-us-east.example.com/consent/v1/consents is otherwise used, you would use the URL https://{{ConsentHostname}}/consent/v1/consents, as shown in the following image.

Screen capture illustrating a configured URL with the ConsentHostname value included.