PingOne

Editing custom ID token mappings

You can customize the content of an OpenID Connect (OIDC) ID token by adding custom attributes and their values.

The claim defined by the mapping is returned in the ID token, regardless of the scopes specified in the authorization request. For example, if you want to include a user’s account ID in ID tokens associated with the specified OIDC application, you can map the user’s account ID to the accountId PingOne user attribute.

You can map PingOne user attributes or static attributes to custom attributes in the application you are adding.

Mapping PingOne attributes

You can map PingOne attributes to custom attributes in your application. For example, you could map account ID in PingOne to User ID in the application.

Steps

  1. In the PingOne admin console, go to Applications > Applications and browse or search for the application for which you want to map attributes.

    You can also add an application. Learn more in Adding an application.

  2. Click the application entry to open the details panel for the application.

  3. On the Attribute Mappings tab, click the Pencil icon.

  4. Click Add.

  5. Enter the following:

    • Attributes: Enter the custom application attribute, such as account ID.

    • PingOne Mappings: Select an attribute in the list, such as User ID. You can browse or search for attributes.

  6. If the value is a required attribute for the application, select the Required checkbox.

    If you request an ID token with a claim that is marked as required but doesn’t have a value, PingOne will return an error. If the value is not marked as required and doesn’t have a value, the property will be omitted from the token.

  7. To use the expression builder, click the Gear icon. Learn more in Using the expression builder.

  8. Click Save.

Mapping static attributes

Some service providers require global values for all users to be passed in the assertion. You can use PingOne to map these keys to fixed values.

Steps

  1. In the PingOne admin console, go to Applications > Applications and browse or search for the application for which you want to map attributes.

    You can also add an application. Learn more in Adding an application.

  2. Click the application entry to open the details panel for the application.

  3. On the Attribute Mappings tab, click the Pencil icon.

  4. Click Add.

  5. Enter the following:

    • Attributes: Enter the custom application attribute, such as Version.

    • PingOne Mappings: Enter a value, such as 2.0.

  6. To use the expression builder, click the Gear icon. Learn more in Using the expression builder.

  7. Click Save.

OSZAR »