Configuring contract mapping - PingFederate - 11.1

PingFederate Server

bundle
pingfederate-111
ft:publication_title
PingFederate Server
Product_Version_ce
PingFederate 11.1
category
Administrator
Audience
Capability
DeploymentMethod
Product
SingleSignonSSO
Software
SystemAdministrator
pf-111
pingfederate
ContentType_ce

Configure authentication policy contract grant mappings in the PingFederate administrative console.

  1. Optional: Go to Authentication > OAuth > Authentication Policy Contract Mapping.
  2. Optional: From the Authentication Policy Contract list, click the desired mapping or select the desired mapping from the Authentication Policy Contract list.
    Note:

    If you do not have an authentication policy contract mapping already configured, go to Authentication > Policies > Policy Contracts and configure and save a new contract.

  3. Optional: On the Attribute Sources & User Lookup window, click Add Attribute Source to configure datastore queries.
  4. On the Contract Fulfillment tab, fulfill the selected contract.
    Note:

    If the selected closed-ended path contains more than one authentication source, you have access to attributes obtained successfully from the previous authentication sources along the same path.

    For example, referring to the earlier policy in Applying policy contracts or identity profiles to authentication policies, if you select an authentication policy contract for the PingID (Adapter) > Success result, you can map attributes from the HTML Form Adapter and the PingID Adapter.

    Besides the preceding identity provider (IdP) connection or IdP adapter instance, you can also use dynamic text, attribute mapping expression, if enabled, and tracked HTTP request parameter, if configured, as the source of fulfillment.

  5. Optional: On the Issuance Criteria tab, configure conditions to be validated before issuing an authentication policy contract. For more information, see Defining issuance criteria for contract or local identity mapping.
  6. On the Summary tab, review your configuration, modify as needed, and then click Done.
  7. On the Policy window, continue with the rest of your policy configuration.