Aquera Provisioner
The Aquera Provisioner allows PingFederate to integrate with any application supported by Aquera for user provisioning and single sign-on (SSO).
Features
-
Manages users in the target service based on changes in an external data store that is attached to PingFederate.
-
Creates, updates, disables, and deletes users.
-
Allows you to enable the create, update, disable, and delete capabilities independently.
-
Allows you to choose whether to disable or delete users when deprovisioning.
-
Allows you to provision disabled users.
-
-
Manages groups in the target service based on changes in an external data store that is attached to PingFederate.
-
Creates, updates, and deletes groups.
-
Updates group memberships.
-
-
Enables browser-based SSO initiated by the service provider (SP) or identity provider (IdP).
The Aquera Provisioner implements the official SCIM specifications provided from simplecloud.info. The following table provides a brief summary.
| Feature | Outbound provisioning |
|---|---|
SCIM specification |
Step 2.0 |
Data format |
JSON |
User and group CRUD operations |
Yes |
Custom schema support |
Yes. The connector retrieves the target service schema from Aquera. |
Filtering support |
Users: Yes Groups: Yes, if the target service supports it. Otherwise, the connector attempts to get all groups and find a match. |
PATCH |
Users: No Groups: Yes |
Authentication method |
Basic authentication and bearer token authentication |
Source data stores |
Active Directory and other LDAPv3-compliant directory servers |
Attribute support varies by target service. The Aquera Provisioner dynamically gets attributes from Aquera for each target service.
Intended audience
This document is intended for PingFederate administrators.
If you need help during the setup process, see the following resources:
-
PingFederate documentation:
-
Aquera documentation:
-
Connectors documentation for the target service