Using Data Lineage

Learn about the data integration possibilities brought to you by Authorization Control Plane's Data Lineage.

Prerequisites

To use Data Lineage for demonstration purposes, you only need access to a Cloudentity tenant with a workspace. Your authorization server should already contain pre-configured IDPs, an authentication context, and initial data mappings, which should be enough to get an idea of the data flow in Cloudentity.

Map Attributes to Authentication Context

In the video below, we are adding the Login attribute, which is a part of user data incoming from GitHub, to the Nickname attribute which is defined in the Authentication Context schema. As a result, the nickname claim in the generated ID token has the user’s GitHub login as a value.

Map your attributes and claims in a similar fashion to make sure that you're sending the correct data to the correct applications.

Create New Claims from Authentication Context

In the video below, we are mapping the name IDP parameter to a Custom authentication context attribute. Then, we are creating a new Custom claim by dragging the attribute from the authentication context area to the application area.

As a result, the following happens:

  • A new Custom claim is created in the authorization server and assigned to be requested by the app. The Custom scope (matching the claim name) is assigned to the claim automatically.

  • Upon successful authentication via an IDP, the application receives the requested scopes, including the Custom claim, in the tokens issued by Cloudentity.
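
To confirm that a mapping sends the correct data to the correct application, you can decode an ID token the application received and compare its mapped claims with what you intended. The following is an added example, not Cloudentity code. It assumes the token is a compact JWT; `nickname` comes from this page, while the lowercase `custom` claim name, the `email` claim and all sample values are constructed. It inspects the payload only and does not verify the signature.

```python
import base64
import json

# Registered JWT/OIDC claims present in any ID token; excluded from the audit.
STANDARD_CLAIMS = {"iss", "sub", "aud", "exp", "iat", "nbf", "jti", "nonce",
                   "auth_time", "acr", "amr", "azp", "at_hash", "c_hash"}


def b64url_decode(segment: str) -> bytes:
    """Decode a base64url JWT segment, restoring the stripped '=' padding."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def decode_payload(token: str) -> dict:
    """Return the claims of a compact JWS. Inspection only: no signature check."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    claims = json.loads(b64url_decode(parts[1]))
    if not isinstance(claims, dict):
        raise ValueError("JWT payload is not a JSON object")
    return claims


def audit_claims(token: str, expected: dict) -> dict:
    """expected maps claim name -> required value (None accepts any value)."""
    mapped = {k: v for k, v in decode_payload(token).items()
              if k not in STANDARD_CLAIMS}
    return {
        "missing": sorted(k for k in expected if k not in mapped),
        "wrong_value": sorted(k for k, v in expected.items()
                              if v is not None and k in mapped and mapped[k] != v),
        "unexpected": sorted(k for k in mapped if k not in expected),
    }


def make_sample_token(claims: dict) -> str:
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc({'alg': 'RS256', 'typ': 'JWT'})}.{enc(claims)}.c2ln"


# Constructed sample (dummy signature): nickname = GitHub login, stray email.
SAMPLE = make_sample_token({"iss": "https://issuer.example", "sub": "u1",
    "aud": "app", "exp": 1700000000, "nickname": "octocat",
    "custom": "Mona", "email": "mona@example.com"})

if __name__ == "__main__":
    print(audit_claims(SAMPLE, {"nickname": "octocat", "custom": None}))
```

An entry under `unexpected` means a mapping is delivering an attribute to this application that you did not plan to share with it.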

Updated: Jun 20, 2023