Click Policies > Policies.
Select the policy container, then click New.
Specify a name for the policy, select Access Gateway: Identity Injection for the type of policy, then click OK.
Specify the following details:
Description: (Optional) Describe the purpose of this policy. Because Identity Injection policies are customized to match the content of a specific web server, you might want to include the name of the web server as part of the description.
Priority: Specify the order in which a rule is applied in the policy, when the policy has multiple rules. The highest priority is 1 and the lowest priority is 10.
In the Actions section, click New, then select one of the following.
Inject into Authentication Header: Inserts the username and password into the header. See Configuring an Authentication Header Policy.
Inject into Custom Header: Inserts custom names with values into the custom header. See Configuring a Custom Header Policy.
Inject into Custom Header with Tags: Inserts custom tags with name/value content into the custom header. See Configuring a Custom Header with Tags.
Inject into Query String: Inserts a query string into the URL for the page. See Specifying a Query String for Injection.
Inject into Cookie Header: Inserts the session cookie into the cookie header. See Injecting into the Cookie Header.
Inject Kerberos Ticket: Inserts authentication values from the Kerberos ticket into the custom header. See Configuring an Inject Kerberos Ticket Policy.
Inject OAuth Token: Injects OAuth token into the web applications’ header as an authorization bearer. See Configuring an OAuth Token Inject Policy.
(Optional) Repeat Step 5.
Repeat this process to add multiple actions to the same rule. If a particular action is allowed only once per rule, then the action does not appear in the New menu if that action has already been defined in the rule. If an action is allowed multiple times per rule, you can select it from the New menu or use the Copy Action icon and modify the new entry.
Click OK > OK > Apply Changes.
For information about how to assign the policy to a protected resource, see Assigning an Identity Injection Policy to a Protected Resource.