Dynamic attributes
We can capture additional context-based access information in dynamic attributes that we create or customize.
Attributes used to calculate risk score come from various sources. Context-based access can capture and use many default attributes. However, we might require more information to be captured. This data can come from:
- Data that is gathered when a session is established sent to the Attribute Collector Service. This data persists during the session and is stored in the session table in context-based access. This type of information is gathered by the info.js file.
- Data that is derived from a particular request for which authorization is being performed. This data can be stored in either the session or behavior tables.
- Data provided by a PIP during the authorization decision. This data can be stored in either the session or behavior tables.
This type of data can be captured in dynamic attributes.
- Scenarios for adding and manipulating attributes
We can dynamically add attributes or manipulate the values of attributes for various purposes.- Coding the dynamic.attributes.js file
Add JavaScript code to the dynamic.attributes.js file to dynamically add attributes or modify the values of attributes.- Updating and deploying the dynamic.attributes.js file
To implement the dynamic.attributes.js file on the appliance, update the file and then deploy the change.
Parent topic: Attributes
Related concepts