Pass dynamic parameters for policy evaluation

This topic has 3 replies, 2 voices, and was last updated 4 years, 11 months ago by Peter Major.

  • Author
  • #18297

    Is it possible to pass dynamic parameter values to OpenAM policy endpoint and evaluate a particular attribute against the passed value?
    For ex: I would like to pass some value like type=admin to evaluate endpoint and in the policy, I want to check if attribute “employeeType=admin”.

     Peter Major

    You can pass arbitrary data to the policy framework in the environment map. The environment map will be then accessible in a custom policy condition for example.


    Thanks Peter.
    Regarding environment map, I have a question regarding the Identity Membership condition.
    I am not sure how it works, but if I try to invoke a policy with “Identity Membership” condition, it doesn’t work. In the logs, I see InvocatorUUID not available. Should we pass any particular parameter in policy request body for “Identity Membership” condition?

     Peter Major

    Feel free to use your subscription and raise a ticket on backstage if you are having problems with one of the features. Support is there to help…

Viewing 4 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?