Mapping token exchange attributes to token generator attributes - PingFederate

Page created: 13 Dec 2019 |

Page updated: 5 Apr 2021

| 1 min read

PingFederate 10.0 Product Page Configuration Task Type Admin Guide Configuration User task OAuth Standards, specifications, and protocols Software Deployment Method Product documentation Content Type Administrator Audience

When configuring the OAuth authorization server to exchange security tokens, if it uses token generator instances to create the requested tokens, then map the attributes in the attribute contract produced by the token exchange processor policy to the attributes created by the token generator instances.

Before you perform the following procedure, define the token exchange processor policies (see Defining token exchange processor policies) and configure the token generator instances (see Managing token generators).

To map the attributes from a token exchange processor policy to the attributes from a token generator instance:

On the OAuth Server page, in the Token Exchange section, click Token Generator Mappings.
The Token Generator Mappings page opens.
In the Source Instance list, select a token exchange processor policy. In the Target Instance list, select a token generator from a token exchange generator group. Click the Add Mapping button.
The Mapping Configuration wizard opens.
If the token generators needs additional attribute sources for contract fulfillment, use the Attribute Sources & User Lookup tab to add them.
On the Token Contract Fulfillment tab, select a Source and Value for each attribute.
If you want to specify conditions that attributes must satisfy for PingFederate to exchange the token, use the Issuance Criteria tab to add them.
On the Summary tab, review the mapping configuration. Click Done.
The Token Generator Mappings page opens.
Click Save.

Mapping token exchange attributes to token generator attributes - PingFederate - 10.0

PingFederate Server