Aquera Provisioner

Aquera Provisioner

The Aquera Provisioner allows PingFederate to integrate with any application supported by Aquera for user provisioning and single sign-on (SSO).

Features

  • Manages users in the target service based on changes in an external data store that is attached to PingFederate.

    • Creates, updates, disables, and deletes users.

    • Allows you to enable the create, update, disable, and delete capabilities independently.

    • Allows you to choose whether to disable or delete users when deprovisioning.

    • Allows you to provision disabled users.

  • Manages groups in the target service based on changes in an external data store that is attached to PingFederate.

    • Creates, updates, and deletes groups.

    • Updates group memberships.

  • Enables browser-based SSO initiated by the service provider (SP) or identity provider (IdP).

The Aquera Provisioner implements the official SCIM specifications provided from simplecloud.info. The following table provides a brief summary.

Feature Outbound provisioning

SCIM specification

Step 2.0

Data format

JSON

User and group CRUD operations

Yes

Custom schema support

Yes. The connector retrieves the target service schema from Aquera.

Filtering support

Users: Yes

Groups: Yes, if the target service supports it. Otherwise, the connector attempts to get all groups and find a match.

PATCH

Users: No

Groups: Yes

Authentication method

Basic authentication and bearer token authentication

Source data stores

Active Directory and other LDAPv3-compliant directory servers

Attribute support varies by target service. The Aquera Provisioner dynamically gets attributes from Aquera for each target service.

Intended audience

This document is intended for PingFederate administrators.

Learn more about the setup process from the following resources:

System requirements

  • PingFederate 9.0 or later.

  • To allow PingFederate to make outbound connections, you might need to allow the following Aquera endpoint (use your tenant ID):

    • http://api.aquera.com/Tenants/:tenantid