Configuring Identity Store Provisioners
PingFederate allows you to create custom identity store provisioners to bridge the inbound system for cross-domain identity management (SCIM) processing of PingFederate to your own user store. For example, you might need to create a custom identity store provisioner that works with an application-specific user database schema.
Using the SDK for PingFederate, you can create and test these custom identity store provisioners. For more information, see the PingFederate SDK Developer’s Guide.
To support custom attributes, you must add the schema extension and the custom attributes to the identity provider (IdP) connection. Furthermore, you need to take the expected data structure of the custom attributes into consideration when implementing the IdentityStoreProvisioner interface and its methods. In other words, your methods must be able to create, read, update, and delete/deactivate the custom attributes and their sub-attributes if the custom attributes are complex attributes to and from your user store. For more information about custom attributes, complex attributes, and other attribute types, see Defining custom SCIM attributes and SCIM 1.1 Core Schema.
|
The identity store provisioner option is active only after you enable Inbound Provisioning. |
|
By default, PingFederate automatically checks multi-connection errors whenever you access this window. This verifies that configured connections are not adversely affected by changes made here. If you experience noticeable delays in accessing this window, you can disable automatic connection validation. Go to System → Server → General Settings. |