Use the POST /oauth/tokenExchange/generator/groups endpoint to create a new OAuth 2.0 Token Exchange Generator group. If the OAuth 2.0 Token Exchange Generator group is not properly configured, a 422 status code is returned along with a list of validation errors that must be corrected.

Status codes

Code Reason
201 Token Exchange Processor Policy created.
400 The request was improperly formatted or contained invalid fields.
403 PingFederate does not have the IdP, SP and OAuth roles enabled. Operation not available.
422 Validation error(s) occurred.

TokenExchangeGeneratorGroup - The set of attributes used to configure a OAuth 2.0 Token Exchange Generator group.

Property Type Description
generatorMappings * array[TokenExchangeGeneratorMapping] A list of Token Generator mapping into an OAuth 2.0 Token Exchange requested token type.
id * string The Token Exchange Generator group ID. ID is unique.
name * string The Token Exchange Generator group name. Name is unique.
resourceUris array[string] The list of resource URI’s which map to this Token Exchange Generator group.

TokenExchangeGeneratorMapping - A Token Generator mapping into an OAuth 2.0 Token Exchange requested token type.

Property Type Description
defaultMapping boolean Whether this is the default Token Generator Mapping. Defaults to false if not specified.
requestedTokenType * string The Requested token type
tokenGenerator * ResourceLink The Token Generator used to generate the requested token

ResourceLink - A reference to a resource.

Property Type Description
id * string The ID of the resource.
location string A read-only URL that references the resource. If the resource is not currently URL-accessible, this property will be null.