Step 1: Open the OTK User Authentication Extension policy and turn on ‘Show Comments’ and ‘Show Assertion Numbers’

Step 2: Copy line 10 and update the comments to reflect your LDAP configuration

Step 3: Expand line 16 and double-click the Request: Authenticate against Internal Identity Provider assertion and select your LDAP instance. Double-click the Extract Attributes for Authenticated User assertion and select your LDAP instance.

Step 4: Right-click on line 9 and select the Add ‘At least one…’ Folder

Step 5: Move both IDP logic blocks into the folder – it should look like the following:

Step 6: Click Save and Activate

Step 7: Open the OTK User Attribute Look Up Extension policy and turn on ‘Show Comments’ and ‘Show Assertion Numbers’

Step 8: Click on line 5 and line 6

Step 9: Make a copy of line 8 and disable the first copy

Step 10: Double-click line 9; click the entry under Rules and click Edit

Step 11: Add a pipe “|” and each username that will be logging into the OAuth Manager

Step 12: Click OK and click OK again – Click Save and Activate

NOTE: The user(s) logging in to the OAuth Manager must have the Administrator role within the Policy Manager. If a user isn’t defined in the OTK User Attribute Look Up Extension policy, they WILL NOT be able to see all of the client keys. They will only see the client keys they have created.