Identifying expected user attributes for the SCIM response
An attribute contract is a set of user attributes that you and your partner agree will be sent in a System for Cross-domain Identity Management (SCIM) response for this connection.
About this task
On the Attribute Contract tab, the attributes you mapped to user account attributes on the Write Users tab appear under Attribute Contract.
Optionally, you can mask the values of attributes in the log files that PingFederate writes when it sends the SCIM response.
There are multiple SCIM attributes that are managed internally by PingFederate and are unavailable for inclusion in the attribute contract:
-
id -
active
Steps
-
Click Available SCIM Attributes near the lower-left corner of the tab to include additional attributes you want to map in the SCIM response.
Option Action Add an attribute
Enter the attribute name in the text box, select the check box under Mask Values in Log as needed, then click Add.
Attribute names are case-sensitive and must correspond to the attribute names expected by your partner. To see a list of available attributes, click Available SCIM attributes.
Modify an attribute name or masking selection
Click Edit under Action for the attribute, make the change, then click Update.
If you change your mind, make sure you click Cancel under Actions, not the Cancel button, which discards any other changes you might have made in the configuration steps.
Delete an attribute
Click Delete under Action for the attribute.