PingDirectory

Enabling the Delegated Admin user REST resource type certificate upload feature

In Delegated Admin 4.10.0 and later, you can add a certificate to a user REST resource type profile in the Delegated Admin application.

To use the Delegated Admin certificate upload feature, you must first enable the feature. You can use the PingData administrative console or dsconfig to perform this task.

After you’ve enabled the feature, it’s ready to use when creating a new user or when editing an existing user. To use the enabled certificate upload feature, see Uploading a certificate to a user REST resource type profile in Delegated Admin.

Enabling the user profile certificate upload feature using the administrative console

About this task

To enable the Delegated Admin user REST resource type certificate upload feature using the PingData administrative console:

Steps

  1. In the Web Services and Applications list, select REST Resource Types.

  2. In the REST Resource Types list, select your user REST resource type.

  3. Go to Delegated Admin Attributes and click New Delegated Admin Attribute.

  4. In the New Delegated Admin Attribute list, select Certificate Delegated Admin Attribute.

    Screen capture showing the Delegated Admin New Attribute list with the Certificate Delegated Admin Attribute highlighted.

  5. In the Attribute Type field, enter the attribute type, such as userCertificate.

  6. Enter a Display Name for the attribute.

  7. Keep the default values for Mutability.

  8. Optional: To allow multiple files to be uploaded for one user, enable Multi Valued.

  9. Enter a Display Order Index or keep the default, 0.

  10. In the Allowed MIME Type list, select your desired allowed MIME file types in the Available column, and use the arrows to add your selections to the Selected column.

    Screen capture showing the Delegated Admin new certificate attribute Allowed Mime Type Available and Selected columns with the selection arrows highlighted.

  11. Click Save.

Enabling the user profile certificate upload feature using dsconfig

About this task

To allow multiple files to be uploaded for one user, set multi-valued to true, as in the second example.

To enable the Delegated Admin user REST resource type profile certificate upload feature using dsconfig:

Steps

  • Run dsconfig create-delegated-admin-attribute.

    Example:

    The following example creates a userCertificate attribute with .cer and .crt set as accepted file types:

    bin/dsconfig create-delegated-admin-attribute \
    --type-name users  \
    --attribute-type userCertificate  \
    --type certificate  \
    --set "display-name:user certificate"  \
    --set display-order-index:3  \
    --set allowed-mime-type:cer  \
    --set allowed-mime-type:crt -n

    Example:

    The following example creates a multivalued userCertificate attribute with .cer and .crt set as accepted file types:

    bin/dsconfig create-delegated-admin-attribute \
    --type-name users  \
    --attribute-type userCertificate  \
    --type certificate  \
    --set "display-name:user certificate"  \
    --set multi-valued:true  \
    --set display-order-index:3  \
    --set allowed-mime-type:cer  \
    --set allowed-mime-type:crt -n