Use the Authentication Policy Contract Grant Mapping window to map values obtained from the authentication policy contract into the persistent grants. Persistent grants and any associated attributes and their values remain valid until the grants expire or until PingFederate explicitly revokes or cleans them up.
The USER_KEY attribute is the identifier of the persistent grants. The USER_NAME attribute presents the name shown to the resource owner on OAuth user-facing pages. If extended attributes are defined in , configure a mapping for each attribute. You can optionally set up datastore queries to supplement values returned from the source. This mapping configuration is suitable for the Authorization Code and Implicit grant types.
and perform one of the following actions.
Action Steps Create a mapping Select the source of the attributes from the list and click Add Mapping. Modify an existing mapping Select your mapping under Mappings. Remove an existing mapping or cancel the removal request Click Delete or Undelete under Action.Note:
Before removing a mapping from your configuration, ensure that it is not used by your OAuth use cases. Any corresponding entries defined inwill also be removed.