If you're using PingOne for Enterprise Directory as an identity repository, you can directly manage users in your directory.
- User Reader
- Groups assigned this role are entitled only to view user and group directory information.
- User Manager
- Groups assigned this role have User Reader entitlements plus the ability to invite and create directory users and modify user attributes, though not group memberships.
- Group and Entitlement Manager
- Groups assigned this role have User Manager entitlements plus the ability to create directory groups, assign entitlements to groups and change group membership.
You need to be either a Global Administrator or Identity Repository Administrator to view and change directory settings.
The PingOne for Enterprise Directory supports user provisioning using the current SCIM protocol (System for Cross-Domain Identity Management: Protocol 1.1).
PingOne for Enterprise Directory attributes are SCIM attributes, and apply to all users. The predefined attributes for the directory are SCIM version 1.1 core schema attributes.
You will find user transactions logged for the PingOne for Enterprise Directory on the Reports page. These transactions are designated by the subsystem Directory. See Managing reports and subscriptions for more information.
You can use the PingOne for Enterprise Directory REST API to validate credentials and authorize user access to perform user or group operations:
- (North America) https://directory-api.pingone.com/api
- (Europe) https://directory-api.pingone.eu/api
- (Australia) https://directory-api.pingone.com.au/api
Access to the directory API requires that you have the client ID and API key for your account. See View or renew directory API credentials for instructions.