From the Attribute Sources & User Lookup window, you can add new attribute sources or manage existing attribute sources to supply attributes for the identity provider (IdP) adapter contract or the token authorization framework.
Attribute sources are specific datastore or directory locations containing information that might be needed for the IdP adapter contract or the token authorization framework. You can use more than one attribute source when mapping values to the IdP adapter contract.
For more information about token authorization, see Token authorization.
The PingFederate IdP server supports separate datastores to look up attributes for a single mapping. For example, you can query multiple datastores for values and map those values in one mapping, or query a datastore for a value and use that value as input for subsequent queries of other datastores.
Queries are executed in the order they are displayed on the Attribute Sources & User Lookup tab. Use the up and down arrows as needed to adjust the order.
If a required attribute, such as the user identifier username for the HTML Form Adapter or subject for the OpenToken IdP Adapter, cannot be fulfilled, the request fails.
- Go to
- Click the name of the existing IdP adapter instance you want to configure in the Instance Name list.
Click the Adapter Contract Mapping tab.
If this is a child instance, select the Override Adapter Contract check box to modify the configuration unless you have already selected the override option in the Extended Contract tab, in which case the Override Adapter Contract check box is automatically selected for you.
- Click Configure Adapter Contract.
- If your use case requires only dynamic texts or results from OGNL expressions without any attributes from local datastores, skip to Configuring IdP adapter contract fulfillment.
- To add an attribute source, click Add Attribute Source.
- To modify an existing instance, select it by name under Description.
- To remove an existing instance or to cancel the removal request, click Delete or Undelete under Action.