Configuring SCIM inbound provisioning - PingFederate - 11.2

PingFederate Server

bundle
pingfederate-112
ft:publication_title
PingFederate Server
Product_Version_ce
PingFederate 11.2
category
Administrator
Administratorguide
Audience
Capability
ContentType
DeploymentMethod
Guide
Product
Productdocumentation
SingleSignonSSO
Software
SystemAdministrator
pf-112
pingfederate
ContentType_ce
Guide
Guide > Administrator Guide
Product documentation

In the IdP Connections window, configure System for Cross-domain Identity Management (SCIM)System for Cross-domain Identity Management (SCIM)SCIM An application-level, HTTP-based protocol for provisioning and managing user identity information. SCIM supplies a common schema for representing users and groups and provides a REST API. inbound provisioning to provide a two-way mapping of attributes.

The first way facilitates SCIM operations used to create and update records in the datastore. The second way allows the same SCIM client to retrieve those records and have the attribute values mapped back to their corresponding designation in the client store. The dual mapping provides greater flexibility, especially for OGNL-expression transformations (for example, converting two attributes into one multivalued attribute and then back again). For more information, see Writing user information to the datastore and Configuring a SCIM response.

Note:

SCIM-client requests must include authentication credentials, which you configure on the Credentials > Back-Channel Authentication tab. The same credentials needed for single sign-on (SSO)single sign-on (SSO)sso The process of authenticating an identity (signing on) at one website (usually with a user ID and password) and then accessing resources secured by other domains without re-authenticating., are also used for SCIM transactions.

  1. On the Authentication > Integration > IdP Connections window, create a new IdP connection or select an existing IdP connection.
  2. On the Connection Type tab, select the Inbound Provisioning check box and one of the following options:
    • User Support
    • User and Group Support
  3. On the Inbound Provisioning tab, click Configure Inbound Provisioning to begin the configuration of SCIM inbound provisioning.
    Screen capture of the Inbound Provisioning tab.