Page created: 29 Jan 2021 |
Page updated: 22 Sep 2021
PingFederate provides cross-domain user provisioning and account management.
User provisioning is an important aspect of identity federation. When organizations enable SSO for their users, they must ensure that some form of account synchronization is in place. Automated user provisioning features within PingFederate free administrators from having to devise a manual strategy for this.
Provisioning support takes different forms, depending on what role PingFederate plays in an identity federation, and you can configure it either in conjunction with partner SSO connections or separately:
- IdP sites support automatic provisioning and maintaining user accounts at service
provider (SP) sites that have implemented the system for cross-domain identity
management (SCIM) or at selected software as a service (SaaS) providers. For more
information, see the next section, Outbound provisioning for IdPs.
For information about SCIM, see www.simplecloud.info.
- When PingFederate is configured as a SP, it supports provisioning and managing user accounts and groups for your own organization automatically by using the standard SCIM protocol or by using identity information received during SSO events from SAML assertions. For more information, see Provisioning for SPs.