Although PingAuthorize Server assumes that PingDirectory Server is the default user store, other LDAPv3-compliant directories are also supported.

You can configure a user store using the prepare-external-store and create-initial-config commands.


When using PingDirectory Server as the user store, first prepare the server by running prepare-external-store. This tool completes the following tasks:

  • Creates the PingAuthorize Server user account on your instance of PingDirectory Server
  • Sets the correct password
  • Configures the account with the required privileges
  • Installs the schema that PingAuthorize Server requires


The create-initial-config command configures connectivity between PingAuthorize Server and the user store. It also creates a System for Cross-domain Identity Management (SCIM) resource type through which PingAuthorize Server obtains the user attributes.

The optional create-initial-config command is recommended for first-time installers. If you do not use create-initial-config, you can configure the following objects:

  • Store adapter
  • SCIM resource type
  • SCIM schema (optional)

If you do not configure these objects, you do not get the user's profile (the requester's attributes). For more information, see User profile availability in policies.

For more information about configuring SCIM, see About the SCIM service.


For an example, see Configuring the PingAuthorize user store.