Mapping a policy contract to multiple use cases - PingFederate - 11.1

PingFederate Server

bundle
pingfederate-111
ft:publication_title
PingFederate Server
Product_Version_ce
PingFederate 11.1
category
Administrator
Audience
Capability
DeploymentMethod
Product
SingleSignonSSO
Software
SystemAdministrator
pf-111
pingfederate
ContentType_ce

The last step to reuse an authentication policy in multiple service provider (SP) connections is to map the authentication policy contract into the applicable SP connections.

In general, for identity provider (IdP) browser single sign-on (SSO) use cases, if you select authentication policy contracts in your authentication policies then you must map the authentication policy contracts to the applicable SP connections.

  1. Go to Applications > Integration > SP Connections.
  2. Select the applicable SP connection from the list of connections.
  3. On the Activation & Summary tab, click Authentication Source Mapping.
  4. Click Map New Authentication Policy and use the in-product help on each screen as needed to map the authentication policy contract into the SP connection.

Similarly, to reuse an authentication policy for browser-based OAuth authorization code and implicit flows, map the authentication policy contract to the applicable browser SSO connections and OAuth grant-mapping configuration. For more information, see Managing authentication policy contract grant mapping.