Adding attribute mapping for inbound provisioning - PingOne

Adding attribute mapping for inbound provisioning - PingOne - PingOne Cloud Platform

PingOne Cloud Platform

bundle

pingone

ft:publication_title

PingOne Cloud Platform

Product_Version_ce

PingOne

PingOne Cloud Platform

category

Product

p1cloudplatform

ContentType_ce

Page created: 22 May 2023 |

Page updated: 22 May 2023

| 2 min read

PingOne Cloud Platform PingOne Product

For inbound provisioning from Workday and SCIM identity stores, you can specify some additional options for onboarding new users. For inbound provisioning, the mapping is applied to the attribute coming from the source identity store before it is saved to the PingOne directory.

Go to Connections > Provisioning.
Click the Rules tab.
Find the appropriate rule and click it to show the details panel.
Click the Configuration tab.
Click Attribute mapping.

Note:
You must have a source and target connection configured before you can set up attribute mapping.
Click the pencil icon to edit the attribute mapping.

Note:
For inbound provisioning rules, the display names of some attributes have changed. For more information, see Updates to inbound provisioning attributes.
Review the attribute mappings for the configured identity store. The source attribute mappings for a particular identity store are provided. For more information, see Mapping attributes.
- To add an attribute mapping, click + Add. Enter the source and target attribute.
- To use the expression builder, click the gear icon. See Using the expression builder.
- To delete a mapping, click the trash can icon.
Click Next.
Enter the following as part of PingOne user onboarding:
- Population. Select a population from the list. When users are synced to PingOne, they will be added to the specified population.
- Authoritative identity provider. Specify the identity provider that will have authority over user records and credentials. PingOne is the default, but if you have configured another IdP, you can select it here. See Authoritative identity providers.
- Password toggle. Determines whether to specify a default password for new users.
- Password. Specify the default password in PingOne for users synced in from an external identity store as a source. Click Set password and then enter a literal value. You can also create a complex password using the functions in the expression builder. For more information, see Using the expression builder.
  Important:
  We recommend using strong passwords, even for temporary passwords.
- Reset their password on first login. Select this option to force users to reset their password the first time they authenticate through PingOne.
Click Finish.

Adding a user filter