Before you perform the following procedure, define the token exchange processor policies (see Defining token exchange processor policies) and configure the access token managers instances (see Managing access token management instances).

To map the attributes from a token exchange processor policy to the attributes from an access token manager instance:

  1. On the OAuth Server page, in the Token Mapping section, click Access Token Mapping .
    The Access Token Attribute Mapping page opens.
  2. In the Context menu, select a token exchange processor policy. Select an Access Token Manager and then click the Add Mapping button.
    The Access Token Mapping wizard opens.
  3. If the access token manager needs additional attribute sources for contract fulfillment, use the Attribute Sources & User Lookup tab to add them.
  4. On the Contract Fulfillment tab, select a Source and Value for each attribute.
  5. If you want to specify conditions that attributes must satisfy for PingFederate to exchange the token, use the Issuance Criteria tab to add them.
  6. On the Summary tab, review the access token mapping. Click Done.
    The Access Token Mapping page opens.
  7. Click Save.