To configure PingDataGovernance Server to use external PDP mode, use dsconfig or the Administrative Console to create a Policy External Server to represent the Policy Administration GUI, then assign the Policy External Server to the Policy Decision Service and set the PDP mode.
dsconfig create-external-server \ --server-name "Policy Administration GUI" \ --type policy \ --set "base-url:https://<pap-hostname>:<pap-port>" \ --set "shared-secret:datagovernance" \ --set "branch:Default Policies" \ dsconfig set-policy-decision-service-prop \ --set pdp-mode:external \ --set "policy-server:Policy Administration GUI"
In this example, the shared-secret value corresponds to the decision point shared secret value chosen or generated while installing the Policy Administration GUI. The branch is the name of a policy branch in the Policy Administration GUI, and the decision-node value is the ID of a node in the policy tree that will be considered first during policy processing.
- In the Policy Administration GUI, go to Policies.
- Select the node that you want to use as the root node.
This is typically the top-level node of your policy tree.
- Click the three-line icon and select Copy ID to clipboard.