Atlassian

Creating a provisioning connection

To allow PingFederate to manage users in Atlassian Cloud, create a service provider (SP) connection.

Steps

  1. In the PingFederate administrator console, configure the data store that PingFederate will use as the source of user data.

    For instructions, see Datastores in the PingFederate documentation.

    • When targeting users and groups for provisioning, exclude the user account that you will use to administer users in your connection to Slack. This prevents the PingFederate provisioning engine from interfering with the account that provisions users and groups.

  2. Enable provisioning:

    1. On the System → Protocol Settings → Roles & Protocols tab, select Enable Identity Provider IdP Role and Support the Following.

    2. Select Outbound Provisioning. Click Save.

  3. On the Identity Provider tab, in the SP Connections area, open an existing connection or create a new one as follows:

    1. Click Create new.

    2. On the Connection Template tab, select Use a template for this connection.

    3. In the Connection Template list, select Atlassian Provisioner.

    4. Click Choose File, select the atlassian-saml-metadata.xml file from the Atlassian Cloud Provisioner .zip archive, and then click Open. Click Next.

  4. On the Connection Type tab, select Outbound Provisioning and clear any unwanted types. Click Next.

  5. On the General Info tab, in the Base URL field, enter the Directory base URL that you noted in Getting an Atlassian API key. The rest of the connection information is populated by the metadata XML file. Click Next.

  6. On the Outbound Provisioning tab, configure the provisioning target and channel as shown in Configure outbound provisioning in the PingFederate documentation.

    1. Click Configure Provisioning.

    2. On the Target tab, in the Directory base URL field, enter the value that you noted in Getting an Atlassian API key.

    3. In the API key field, enter the value that you noted in Getting an Atlassian API key.

      PingFederate verifies the token when you activate the channel and SP connection.

    4. Under Provisioning Options, customize the provisioning connector actions as shown in Provisioning options reference. Click Next.

    5. On the Manage Channels tab, create a channel as shown in Manage channels in the PingFederate documentation. Click Done.

      For more information about the attributes available in your channel configuration, see Supported attributes reference.

    6. On the Outbound Provisioning tab, click Next.

  7. On the Activation and Summary tab, above the Summary section, turn on the connection. Click Save.