Specifying custom SCIM attributes
You can configure simple, multivalued, and complex custom System for Cross-domain Identity Management (SCIM) attributes in PingFederate.
About this task
PingFederate supports SCIM attributes in the core schema and custom attributes through a schema extension.
|
Custom attributes are optional. If your use case does not require any additional attributes, click Next on the Custom SCIM Attributes tab. |
To support custom attributes, you must specify the schema extension and the custom attributes in the connection. There are four attribute types:
-
Simple attributes
-
Simple multivalued attributes
-
Complex attributes
-
Complex multivalued attributesThe following fragment illustrates a SCIM message supporting schema extension
urn:scim:schemas:extension:custom:1.0with four attributes, one of each attribute type. The table afterward describes the details of each attribute.
{
"userName":"CBrown",
"active":true,
"schemas":[
"urn:scim:schemas:core:1.0",
"urn:scim:schemas:extension:custom:1.0"
],
...
"urn:scim:schemas:extension:custom:1.0":{
"supervisor":"JSmith",
"territories":[
"Montana",
"Idaho",
"Wyoming"
],
"options":{
"quantity":"10000",
"strike" :"5.25",
"first" :"2017-12-01",
"last" :"2025-03-31"
},
"tablets":[
{
"model" :"8086",
"serial":"5500-2020-965",
"type" :"office"
},
{
"model" :"8088",
"serial":"5500-2040-151",
"type" :"remote"
}
]
}
}| Attribute Name | Attribute Type | Sub-Attributes (Complex) | ||
|---|---|---|---|---|
|
Simple |
Not applicable |
||
|
Simple multivalued |
Not applicable |
||
|
Complex |
|
||
|
Complex multivalued |
|
|
For more information about SCIM and attribute types, see the website www.simplecloud.info. |
Steps
-
Go to Applications → Integration → SP Connection → Configure Channels. Specify the URI of the schema extension in the Extension Namespace field.
The default value is
urn:scim:schemas:extension:custom:1.0. You can keep this value if your partner identifies custom attributes by this URI in its SCIM messages. -
Enter an attribute name and click Add to add a custom attribute. Repeat this step to add more custom attributes as needed.
Use the Delete and Undelete workflow to remove or cancel the removal request of existing custom attributes.
-
Click Edit next to the custom attribute to perform one of the following tasks.
Change the attribute name
-
Replace the current value in the Name field.
-
Click Done.
Set the attribute as a simple multivalued attribute
-
Select the Is Multivalued check box.
-
Click Done.
Add sub-attributes to make the attribute a complex attribute
-
Enter a sub-attribute and click Add. Repeat this step to add more sub-attributes as needed.
-
Use the Edit, Update, and Cancel workflow to make or undo a change to the name of a sub-attribute. Use the Delete and Undelete workflow to remove a sub-attribute or cancel the removal request.
-
Click Done.
Add sub-attributes and set the attribute as a complex multivalued attribute
-
Enter a sub-attribute and click Add. Repeat this step to add more sub-attributes as needed.
Use the Edit, Update, and Cancel workflow to make or undo a change to the name of a sub-attribute. Use the Delete and Undelete workflow to remove a sub-attribute or cancel the removal request.
-
Select the Is Multivalued check box.
-
Specify at least one value under the Types column for
type, a reserved sub-attribute for a complex multivalued attribute.Use the Edit, Update, and Cancel workflow to make or undo a change to the
typevalue. Use the Delete and Undelete workflow to remove atypevalue or cancel the removal request. -
Click Done.
-