PingDirectory

Configuring the Identity Access API

Steps

  1. Ensure that you have run the scim-config-ds.dsconfig script to configure the SCIM interface. Be sure to enable the entryDN virtual attribute.

  2. Set a combination of properties to allow the SCIM clients access to the raw LDAP data: include-ldap-objectclass, exclude-ldap-objectclass, include-ldap-base-dn, or exclude-ldap-base-dn.

    Example:

    $ bin/dsconfig set-http-servlet-extension-prop \
      --extension-name SCIM --set 'include-ldap-objectclass:*' \
      --set include-ldap-base-dn:ou=People,dc=example,dc=com

    Result:

    The SCIM clients now have access to the raw LDAP data via LDAP object class-based resources as well as core SCIM resources as defined in the scim.resource.xml file.