Managing Application Attributes
To manage application attributes:
- Sign in to your Access Gateway InstanceAn instance, or computer instance, is a virtual machine (VM) or individual physical computer, used to host a software appliance..
- From the Topology tab or the Applications tab open the application.
- Select the Attributes pane.
The list of known attributes for the application will display and resemble:
. . .
- From the available set of attributes choose one of:
Add a new attribute Delete an existing attribute Modify an existing attribute Test an attribute set
Add a new attribute
- Select the Add () icon in the attribute list header.
The new Attribute dialog will be displayed.
Note you may need to scroll the display as new attributes are added at the bottom.
- From the Data Source drop down select an appropriate data source.
See Data Source Types below for a list of supported data source types and their meaning.
- From the Field drop down select a field name.
- From the Type drop down select the appropriate target type, either Header or Cookie.
- In the Name field enter the name for the header or cookie value expected by the legacy application.
For example, to map the idPAn acronym for Identity Provider. It is a service that manages end user accounts analogous to user directories such as LDAP and Active Directory, and can send SAML responses to SPs to authenticate end users. Within this scenario, the IdP is Okta. field username to the header field login, we would create an attribute resembling:
- Click Okay when the attribute is complete.
Delete an existing attribute
- Select the delete () icon next to the attribute to be deleted.
- In the confirm dialog click Yes to delete the attribute or No to cancel the delete operation.
Modify an existing attribute
- Select the edit () icon next to the attribute to be modified.
The Edit existing Attribute dialog will be displayed.
- Modify the attribute as required.
- Click Okay to save the modified Attribute or Cancel to cancel the modification.
Test an attribute set
- Select the test () icon in the attribute list header.
The simulator dialog will display.
- Enter a value for any field that you wish to test.
- Click Test.
- Examine the result. Note you may need to scroll the simulator window down to see the test results.
- Modify a value and re-run the test or click Close to close the simulator dialog.
Application attributes are defined using the following fields:
Controls whether an attribute is present or not present within a header or cookie.
Attributes used for policy decisions ate typically set to Don't Send.
Originating source for the contents of the attribute. Can be any of a number of sources including idP, various contexts, Data Stores and others.
Field and Record Number
Either Field and Record Number, of Value.
For non-static fields Field used as the source for the attribute.
Maximum length: 128 characters.
Method for passing attributes. Can be one of:
Associated field in either the header or cookie.
The Data Source field defines the source for the value of the attribute. The following data sources are available:
|IDP||The value of the is populated from the IDP field selected in the Value field. This is your Okta Tenant|
|Static||The value of the attribute is fixed and defined in the Value field|
|Secret||The value of the attribute is a static protected value, used as a secret key by the application in order to trust the headers that originate from the Access Gateway.|
The value of the attribute comes from the OID datasource. The OID Datasouce is available in the Oracle E-Business Suite and other application types which provide LDAPLightweight Directory Access Protocol (LDAP) is a lightweight client-server protocol for accessing directory services, specifically X.500-based directory services. LDAP runs over TCP/IP or other connection oriented transfer services. support. Typically used to to retrieve the Oracle GUID.
|Auth Context||The value of the attribute comes from the authentication context which includes the remote address and session id|
|AppAn abbreviation of application. Essentially, it is a web-based site used to perform any number of specific tasks, and requires authentication from end users by signing in. Context||The value of the attribute comes from the application context and includes such fields as domainA domain is an attribute of an Okta organization. Okta uses a fully-qualified domain name, meaning it always includes the top-level domain (.com, .eu, etc.), but does not include the protocol (https)., cookie domain,|