Although PingAuthorize Server assumes that PingDirectory Server is the default user store, other LDAPv3-compliant directories are also supported.

You can configure a user store using the prepare-external-store and create-initial-config commands.


When using PingDirectory Server as the user store, first prepare the server by running prepare-external-store. This tool completes the following tasks:

  • Creates the PingAuthorize Server user account on your instance of PingDirectory Server
  • Sets the correct password
  • Configures the account with the required privileges
  • Installs the schema that PingAuthorize Server requires


The create-initial-config command configures connectivity between PingAuthorize Server and the user store. It also creates a System for Cross-domain Identity Management (SCIM) resource type through which PingAuthorize Server obtains the user attributes.

The optional create-initial-config command is recommended for first-time installers. If you do not use create-initial-config, you can configure the following objects:

  • Store adapter
  • SCIM resource type
  • SCIM schema (optional)

If you do not configure these objects, you do not get the user's profile (the requester's attributes). For more information, see Make a user's profile available in policies.

For more information about configuring SCIM, see About the SCIM service.


For an example, see Configuring the PingAuthorize user store.