Configuring an access token manager - PingFederate

Configuring an access token manager - PingFederate - 11.2

PingFederate Server

bundle

pingfederate-112

ft:publication_title

PingFederate Server

Product_Version_ce

PingFederate 11.2 (Latest)

category

Administrator

Administratorguide

Audience

Capability

ContentType

DeploymentMethod

Guide

Product

Productdocumentation

SingleSignonSSO

Software

SystemAdministrator

pf-112

pingfederate

ContentType_ce

Guide > Administrator Guide

Guide

Product documentation

Page created: 12 Jul 2022 |

Page updated: 6 Feb 2023

| 1 min read

Guide Administrator Guide Content Type Product documentation 11.2 Capability Single Sign-on (SSO) Deployment Method Software Audience Administrator System Administrator Product PingFederate

Create a JSON Web Token (JWT) access token management instance.

Go go Applications > OAuth > Access Token Management.
To create a new access token management instance, click Create New Instance.
On the Type tab:
1. Enter a name for the instance in the Instance Name field and an ID in the Instance ID field.
2. In the Type menu, select JSON Web Tokens.
3. Click Next.
On the Instance Configuration tab:
1. In the Certificates section, click Add a new row to 'certificates'.
2. In the Key ID field, enter an ID for the key.
3. In the Certificate menu, select your sighing certificate, and click Update.
4. In the JWS Algorithm menu, select RSA using SHA-256.
5. In the Active Signing Certificate Key ID menu, select the key ID you entered in step b.
6. Click Next.
On the Session Validation tab, click Next.
On the Access Token Attribute Contract tab:
1. Make sure User_Key is selected in the Subject Attribute Name menu.
2. In the Extend the Contract field, enter admin_role, and click Add.
3. Repeat step b to add the iss, memberOf, and sub attributes.
4. Click Next.
On the Resource URIs and Access Control tabs, click Next.
On the Summary tab, review your configuration. Click Save.