Managing authentication policy contract grant mapping - PingFederate - 11.3

PingFederate Server

bundle
pingfederate-113
ft:publication_title
PingFederate Server
Product_Version_ce
PingFederate 11.3 (Latest)
category
Administrator
Administratorguide
Audience
Capability
ContentType
DeploymentMethod
Guide
Product
Productdocumentation
SingleSignonSSO
Software
SystemAdministrator
pf-113
pingfederate
ContentType_ce
Guide
Guide > Administrator Guide
Product documentation

Use the Authentication Policy Contract Grant Mapping window to map values obtained from the authentication policy contract into the persistent grants. Persistent grants and any associated attributes and their values remain valid until the grants expire or until PingFederate explicitly revokes or cleans them up.

The USER_KEY attribute is the identifier of the persistent grants. The USER_NAME attribute presents the name shown to the resource owner on OAuth user-facing pages. If extended attributes are defined in System > OAuth Settings > Authorization Server Settings, configure a mapping for each attribute. You can optionally set up datastore queries to supplement values returned from the source. This mapping configuration is suitable for the Authorization Code and Implicit grant types.

Go to Authentication > OAuth > Authentication Policy Contract Grant Mapping and perform one of the following actions.
ActionSteps
Create a mapping Select the source of the attributes from the list and click Add Mapping.
Modify an existing mapping Select your mapping under Mappings.
Remove an existing mapping or cancel the removal request Click Delete or Undelete under Action.
Note:

Before removing a mapping from your configuration, ensure that it is not used by your OAuth use cases. Any corresponding entries defined in Applications > OAuth > Access Token Mapping will also be removed.