Enabling provisioning in PingFederate
To use PingFederate for provisioning, configure an external datastore and enable outbound provisioning.
About this task
Your external datastore acts as the source of data for provisioning. PingFederate also uses an internal datastore to store the state of synchronization between the source datastore and the target datastore.
Learn more in Datastores and Configuring outbound provisioning settings in the PingFederate documentation.
Steps
-
Configure the external datastore that PingFederate will use as the source of user data. For instructions, see Adding a new datastore in the PingFederate documentation.
When targeting users and groups for provisioning, exclude the user account that you will use to administer users in your connection to Salesforce. This prevents the PingFederate provisioning engine from interfering with the account that provisions users and groups.
-
Do one of the following:
Choose from:
-
For PingFederate 10.1 or later: go to System → Server → Protocol Settings.
-
For PingFederate 10.0 or earlier:
-
Go to System → Protocol Settings → Roles & Protocols.
-
Select Enable Identity Provider IdP Role and Support the Following.
-
Select Outbound Provisioning. Click Next.
-
-
-
On the Outbound Provisioning tab, select the PingFederate internal datastore. Click Save.
For help, see Configuring outbound provisioning settings in the PingFederate documentation.