SCIM Provisioner
The SCIM Provisioner allows PingFederate to integrate with a wide range of services that support the System for Cross-domain Identity Management (SCIM) for user provisioning and single sign-on (SSO).
Features
-
Manages users in the target service based on changes in an external datastore that is attached to PingFederate.
-
Creates, updates, disables, and deletes users
-
Allows you to enable the create, update, disable, and delete capabilities independently
-
Allows you to choose whether to disable or delete users when deprovisioning
-
Allows you to provision disabled users
-
-
Manages groups in the target service based on changes in an external datastore that is attached to PingFederate.
-
Creates, updates, and deletes groups
-
Updates group memberships
-
-
Enables browser-based SSO initiated by the service provider (SP) or identity provider (IdP).
The SCIM Connector implements the official specifications provided from simplecloud.info. The following table provides a brief summary.
Feature | Outbound provisioning |
---|---|
SCIM specification |
Step 1.1, 2.0 |
Data format |
JSON |
User and group CRUD operations |
Yes |
Custom schema support |
Users: Yes. Groups: No. |
Filtering support |
Users: Yes Groups: The connector allows group filtering by retrieving all groups and finding a match. |
PATCH |
Users: No Groups: Yes |
Authentication method |
HTTP Basic Authentication, OAuth bearer token and OAuth client credentials |
Source data stores |
Active Directory and other LDAPv3-compliant directory servers |
Components
The SCIM provisioning and SSO connector:
-
Allows PingFederate to manage users in the service based on changes in an external user data store
-
Optional configuration allows PingFederate to create an SSO connection to the service
-
Includes a quick-connection template that pre-populates some configuration settings
Intended audience
This document is intended for PingFederate administrators.
If you need help during the setup process, see the following resources:
-
PingFederate documentation:
-
The SCIM 1.1 Developer Guide on the Ping Identity Developer site
-
The SCIM specification on simplecloud.info