When configuring the OAuth authorization server to exchange security tokens, if it
uses token generator instances to create the requested tokens, then map the attributes in
the attribute contract produced by the token exchange processor policy to the attributes
created by the token generator instances.
Before you perform the following procedure:
In the Token Generator Mappings
window, map the attributes from a token exchange processor policy to the attributes
from a token generator instance.
-
Go to to open the Token Generator Mappings
window.
-
From the Source Instance list, select a token exchange
processor policy.
-
From the Target Instance list, select a token generator
from a token exchange generator group. Click Add Mapping
button.
The Mapping Configuration window
opens.
-
On the Attribute Sources & User Lookup tab, add
token generators additional attribute sources for contract fulfillment as
needed. Click Next.
-
On the Token Contract Fulfillment tab, select a
Source and Value for each
attribute. Click Next.
-
On the Issuance Criteria tab, add and specify conditions
that attributes must satisfy for PingFederate to exchange the token as needed.
Click Next.
-
On the Summary tab, review the mapping configuration.
Click Done.
The Token Generator Mappings window opens.
-
Click Save.