Mapping token exchange attributes to access token manager attributes - PingFederate

Page created: 12 Dec 2019 |

Page updated: 5 Apr 2021

| 1 min read

PingFederate 10.0 Product Page Configuration Task Type Admin Guide Configuration User task OAuth Standards, specifications, and protocols Software Deployment Method Product documentation Content Type Administrator Audience

When configuring the OAuth authorization server to exchange security tokens, if it uses an access token manager instances to generate requested tokens, then map the attributes in the attribute contract produced by the token exchange processor policy to the attributes in the tokens created by the access token manager instances.

Before you perform the following procedure, define the token exchange processor policies (see Defining token exchange processor policies) and configure the access token managers instances (see Managing access token management instances).

To map the attributes from a token exchange processor policy to the attributes from an access token manager instance:

On the OAuth Server page, in the Token Mapping section, click Access Token Mapping .
The Access Token Attribute Mapping page opens.
In the Context menu, select a token exchange processor policy. Select an Access Token Manager and then click the Add Mapping button.
The Access Token Mapping wizard opens.
If the access token manager needs additional attribute sources for contract fulfillment, use the Attribute Sources & User Lookup tab to add them.
On the Contract Fulfillment tab, select a Source and Value for each attribute.
If you want to specify conditions that attributes must satisfy for PingFederate to exchange the token, use the Issuance Criteria tab to add them.
On the Summary tab, review the access token mapping. Click Done.
The Access Token Mapping page opens.
Click Save.

Mapping token exchange attributes to access token manager attributes - PingFederate - 10.0

PingFederate Server