Access token validators - PingDataGovernance

Access token validators - PingDataGovernance - 8.2

PingDataGovernance

bundle

pingdatagovernance-82

ft:publication_title

PingDataGovernance

Product_Version_ce

PingDataGovernance 8.2

category

Product

pdg-82

pingdatagovernance

ContentType_ce

Page created: 22 Jul 2020 |

Page updated: 9 Feb 2021

| 1 min read

8.2 PingDataGovernance Product Administration User task Data Governance Capability Product documentation Content Type

Access token validators verify the tokens that client applications submit when they request access to protected resources.

Specifically, access token validators translate an access token into a data structure that constitutes part of the input for policy processing.

To authenticate to PingDataGovernance Server's HTTP services, clients use OAuth 2 bearer token authentication to present an access token in the HTTP Authorization Request header. To process the incoming access tokens, PingDataGovernance Server uses access token validators, which determine whether to accept an access token and translate it into a set of properties, called claims.

Most access tokens identify a user, also called the token owner, as its subject. Access token validators can retrieve the token owner's attributes from the user store using a related component called a token resource lookup method. The user data obtained by a token resource lookup method is sent to the policy decision point (PDP) so that policies can determine whether to authorize the request.