Mapping token exchange attributes to access token manager attributes - PingFederate - 10.2

PingFederate Server

PingFederate Server
PingFederate 10.2

When configuring the OAuth authorization server to exchange security tokens, if it uses an access token manager instances to generate requested tokens, then map the attributes in the attribute contract produced by the token exchange processor policy to the attributes in the tokens created by the access token manager instances.

Before you perform the following procedure:

In the Access Token Mapping window, map the attributes from a token exchange processor policy to the attributes from an access token manager instance.

  1. Go to Applications > OAuth > Access Token Mapping.
  2. In the Context section, from the Context list, select a token exchange processor policy.
  3. From the Access Token Manager list, select an access token manager. Click Add Mapping.
    The Access Token Mapping configuration window wizard opens.
  4. On the Attribute Sources & User Lookuptab, add access token manager attribute sources for contract fulfillment as needed. Click Next.
  5. On the Contract Fulfillment tab, select a Source and Value for each attribute. Click Next.
  6. On the Issuance Criteria tab, add and specify conditions that attributes must satisfy for PingFederate to exchange the token as needed. Click Next.
  7. On the Summary tab, review the access token mapping. Click Done.
    The Access Token Mapping window opens.
  8. Click Save.