LTPA token capabilities for identity mapping
This topic describes the integration node web services capability for identity mapping using an LTPA token.
Identity mapping from or to an LTPA identity token is supported only in the following configurations:
Capability
- Identity mapping
Policy Enforcement Point (PEP) and direction
- In (provider)
Configured with a security policy set and bindings that specifies an LTPA pass-through authentication token.
Configured with a security profile defining the external Policy Decision Point (PDP); see the PDP section that follows.
Trust store or PDP
- WS-Trust v1.3 STS
Configured by using a WS-Trust v1.3 STS security profile that specifies identity mapping; see Creating a security profile for WS-Trust V1.3 (TFIM V6.2).