An attribute contract is a set of user attributes the IdP sends in the SAML assertions or JWTs for this connection. You identity these attributes on the
window.TOKEN_SUBJECT represents the name identifier of the user for whom the access token is being requested, the SAML_SUBJECT attribute in SAML assertions and the sub claim in JWTs.
Optionally, you can mask the values of attributes (other than TOKEN_SUBJECT) in the log files that PingFederate writes when it receives security tokens.
-
To add an attribute, follow these steps:
-
To modify an attribute name or masking selection, follow these steps:
- To delete an attribute, click Delete under Action for the attribute.