Configuring an OAuth Token Processor instance - PingFederate - 11.2

PingFederate Server

bundle
pingfederate-112
ft:publication_title
PingFederate Server
Product_Version_ce
PingFederate 11.2
category
Administrator
Administratorguide
Audience
Capability
ContentType
DeploymentMethod
Guide
Product
Productdocumentation
SingleSignonSSO
Software
SystemAdministrator
pf-112
pingfederate
ContentType_ce
Guide
Guide > Administrator Guide
Product documentation

The PingFederate STS provides validation for OAuth 2.0 bearer tokens. To use the OAuth Token Processor, you must first configure an Access Token Management (ATM) instance.

For more information about PingFederate OAuth authorization server and access token management, see About OAuth and Access token management.
  1. Go to Authentication > Token Exchange > Token Processors.
  2. On the Instance Configuration tab, configure the basics of the token processor instance.
    1. In the Access Token Manager row, from the Field Value list, select an ATM instance.
      If the desired ATM instance is not shown, click Manage Access Token Manager.

      The token processor instance uses the selected ATM instance to validate the OAuth bearer access tokens.

    2. Optional: Select the Scope Value as Single String check box.

      If selected, the scope value is returned as a single space-delimited set of string value. If it is not selected, scope values are returned as a multivalued attribute.