The Client Registration Policy plugin allows you to write custom processing rules to provide additional control over which registrations and configurations are accepted and stored for each client created with the OAuth 2.0 Dynamic Client Registration protocol.
Depending on the technical requirements of your use cases, you can create Client Registration Policy plugins using the PingFederate SDK. After deploying your plugins, you can create and configure instances of them. Configuration requirements vary based on your custom solutions. When you are ready to configure dynamic client registration, add your policies to its configuration.
For more information, refer to the Javadoc for the
DynamicClientRegistrationPlugininterface, the SoftwareStatementValidatorPlugin.java file for a sample implementation, and the SDK developer's guide for build and deployment information.Tip:
The Javadoc for PingFederate and the sample implementation are in the <pf_install>/pingfederate/sdk directory.
Create, modify, or remove one or more instances.
- To configure a new instance, click Create New Instance.
- To modify an existing instance, select it under Instance Name.
- To remove an existing instance or to cancel the removal request, click
Delete or Undelete under
You can remove a Client Registration Policy instance only if it is not currently in-use by dynamic client registration.
- To save the plugin configuration, click Save.
A Client Registration Policy instance is not enforced, or executed as part of the dynamic client registration process, until it is selected on the Client Registration Policies window.