Security > Provisioning > Using SCIM with ThingWorx > Configure SCIM in the PingFederate Administrative Console > Configure a Password Credential Validator Instance
  
Configure a Password Credential Validator Instance
* 
For more information, see the Ping Identity Knowledge Center: Password credential validators.
Create a Password Credential Validator Instance
1. Select Server Configuration > Authentication > Password Credential Validators. Click Create New Instance.
2. Enter the following and then click Next:
Instance Name
A unique name.
Instance Id
A unique ID.
Type
Simple Username Password Credential Validator
3. Click Add a new row to ‘Users’ and add a ThingWorx administrator.
* 
Ensure the username and password matches an existing ThingWorx user.
4. Click Save to create your validator instance.
Map the Instance to a Persistent Grant Contract
1. Select OAuth Settings > Resource Owner Credentials Mapping.
2. Select your validator instance from the drop-down menu and click Add Mapping. Click Next.
3. Under Contract Fulfillment, select the following:
USER_KEY
Password Credential Validator
Value
username
4. Click Next and then Save.
Map Username and USER_KEY
1. Select OAuth Settings > Access Token Management.
2. Click Internally Managed Reference Tokens.
3. Ensure username appears under Access Token Attribute Contract. If it is not already added, select the Access Token Attribute Contract tab to add it.
4. Select OAuth Settings > Access Token Mapping. Click Default.
5. Ensure username is mapped to USER_KEY: