-
In Authorization Servers, select the authorization server just created. For example, SDx API.
-
Select the Claims tab, and click Add Claims.
-
In the Add Claims dialog box, set the claims as shown in the following example:
Name
Value
Scopes
Type
Included
sub
(appuser !=null) ? appuser.userName : app.clientid
Any
access
Always
ingr.session_id
String.replace(String.replace(String.replace(Time.now(), ":", ""), "-", ""), ".", "")
Any
access
Always
name
String.join("", user.firstName, user.lastName)
Any
access
Always
All the claim names and values must be set in lowercase.
-
Click Create.
The sub claim on the generated token contains the user name you must use in the application.
When Okta configures the user and Okta is used as the identity provider, the user
name must match the name of the Okta user. When Okta employs users configured by an
external identity provider, such as Active Directory, the users must be created in
HxGN SDx before you can log in. Alternatively, you can create a default template user
in SmartPlant Foundation to avoid setting up each user. For more information, see
Configure a template user in SmartPlant Foundation.