Configuring an access token manager - PingFederate - 11.2


Create a JSON Web Token (JWT) access token management instance. JWT is an IETF standard container format for a JSON object used for the secure exchange of content, such as identity or entitlement information. To read the industry standard, see RFC 7519.

  1. Go to Applications > OAuth > Access Token Management.
  2. To create a new access token management instance, click Create New Instance.
  3. On the Type tab:
    1. Enter a name for the instance in the Instance Name field and an ID in the Instance ID field.
    2. In the Type menu, select JSON Web Tokens.
    3. Click Next.
  4. On the Instance Configuration tab:
    1. In the Certificates section, click Add a new row to 'certificates'.
    2. In the Key ID field, enter an ID for the key.
    3. In the Certificate menu, select your signing certificate, and click Update.
    4. In the JWS Algorithm menu, select RSA using SHA-256.
    5. In the Active Signing Certificate Key ID menu, select the key ID you entered in step b.
      Screen capture of the Instance Configuration tab, on which you select your certificate and give it a Key ID.
    6. Click Next.
  5. On the Session Validation tab, click Next.
  6. On the Access Token Attribute Contract tab:
    1. Make sure User_Key is selected in the Subject Attribute Name menu.
    2. In the Extend the Contract field, enter admin_role, and click Add.
    3. Repeat step b to add the iss, memberOf, and sub attributes.
    4. Click Next.
  7. On the Resource URIs and Access Control tabs, click Next.
  8. On the Summary tab, review your configuration. Click Save.
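
After saving the instance, one way to confirm that issued tokens match this configuration, as an added example that is not part of the PingFederate documentation. The Key ID `atm-key-1`, the sample claim values, and the assumption that the token carries the Key ID in its `kid` header and the contract attributes as top-level claims are illustrative; the check inspects the header and claims only and does not verify the signature, which requires a JOSE library and the signing certificate's public key.

```python
import base64
import json

# Constructed values mirroring the procedure; the Key ID is a hypothetical sample.
EXPECTED_ALG = "RS256"      # "RSA using SHA-256" in the JWS Algorithm menu
EXPECTED_KID = "atm-key-1"  # assumed Key ID entered on the Instance Configuration tab
CONTRACT = ("admin_role", "iss", "memberOf", "sub")  # extended attribute contract
SAMPLE_CLAIMS = {"admin_role": "true", "iss": "https://sso.example.com",
                 "memberOf": ["cn=admins,dc=example,dc=com"], "sub": "jdoe"}


def b64url_decode(segment: str) -> bytes:
    """Decode a base64url segment, restoring the padding that JWTs strip."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def check_token_shape(token: str) -> list:
    """Return a list of problems; an empty list means header and claims match."""
    parts = token.split(".")
    if len(parts) != 3:
        return ["not a compact JWS (expected 3 dot-separated segments)"]
    try:
        header = json.loads(b64url_decode(parts[0]))
        claims = json.loads(b64url_decode(parts[1]))
    except ValueError:  # covers bad base64, bad UTF-8 and bad JSON
        return ["header or payload is not base64url-encoded JSON"]
    if not isinstance(header, dict) or not isinstance(claims, dict):
        return ["header or payload is not a JSON object"]
    problems = []
    if header.get("alg") != EXPECTED_ALG:  # rejects "none" and HMAC algorithms
        problems.append(f"alg is {header.get('alg')!r}, expected {EXPECTED_ALG!r}")
    if header.get("kid") != EXPECTED_KID:
        problems.append(f"kid is {header.get('kid')!r}, expected {EXPECTED_KID!r}")
    if not parts[2]:
        problems.append("signature segment is empty")
    missing = [name for name in CONTRACT if name not in claims]
    if missing:
        problems.append("missing contract attributes: " + ", ".join(missing))
    return problems


def make_sample(header: dict, claims: dict, sig: bytes = b"placeholder-signature") -> str:
    """Build a constructed sample token; the signature bytes are a placeholder."""
    enc = lambda raw: base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([enc(json.dumps(header).encode()), enc(json.dumps(claims).encode()), enc(sig)])


if __name__ == "__main__":
    print(check_token_shape(make_sample({"alg": "none"}, SAMPLE_CLAIMS, sig=b"")))
```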