Manage OAuth 2.0 mapping rules (Federation)

Use the mapping rules to customize the methods for the OAuth 2.0 or OIDC flow. The OAuth 2.0 and OIDC mapping rules are JavaScript code that run during the OAuth 2.0 or OIDC flow. We can view, export, and replace OAuth or OIDC mapping rules.

View the mapping rule if we want to see the content and structure of the mapping rule. Export the mapping rule if we want to save a copy of the mapping rule. We can also edit this copy. Replace a mapping rule to use a new mapping rule.

Steps

1. Log in to the local management interface.
2. Click AAC > Policy > OpenID Connect and API Protection or Federation > Manage > OpenID Connect and API Protection.
3. Click Mapping Rules.
4. Perform one or more of the following actions:

   View a mapping rule

   1. Select a mapping rule.
   2. Click . The View Mapping Rule panel opens. The content of the mapping rule is displayed.
   3. Click OK to close the panel.

   Export a mapping rule

   1. Select a mapping rule.
   2. Click .
   3. Choose a location and save the file.

   Replace a mapping rule:

   Use an existing mapping rule as the basis for the updated mapping rule.

   1. Select a mapping rule that we want to replace.
   2. Click . The Replace Mapping Rule panel opens.
   3. Click the field or Browse and select a file.
   4. Click OK to upload the mapping rule.

5. When you replace a mapping rule, the appliance displays a message there are undeployed changes. If you are finished with the changes, deploy them.

   For information, see Deploying pending changes.

• OAuth 2.0 mapping rule methods
  We can use Java methods to customize the PreTokenGeneration and PostTokenGeneration mapping rules.

Parent topic: Mapping rules

Related reference

• OAuth 2.0 and OIDC mapping rule methods