This documentation is for WSO2 Identity Server 5.0.0. View documentation for the latest release.
Configuring Outbound Provisioning Connectors for an Identity Provider - Identity Server 5.0.0 - WSO2 Documentation
||
Skip to end of metadata
Go to start of metadata

You can configure outbound provisioning connectors.

In addition to this, you can also create custom connectors which will be added to the list of outbound provisioning connectors once created.

Configuring Google provisioning

  1. Expand the Google Provisioning Configuration form.
  2. Fill in the following fields where relevant.

    FieldDescription
    Enable ConnectorSelecting this enables identity provisioning through the Google domain.
    Google DomainThe name of the Google domain used to provision users to the Identity Server.
    Primary EmailSelect the primary email address from the dropdown. This must be a claim that is available and local in the Identity Server
    Given NameSelect the given name from the dropdown. This must be a claim that is available and local in the Identity Server
    Family NameSelect the family name from the dropdown. This must be a claim that is available and local in the Identity Server
    Service Account EmailThis email is used for authentication purposes.
    Private KeyBrowse and attach the private key from your local machine.
    Administrator's EmailThis is the email of the administrator who owns the service account in the Google Domain specified. Provisioning takes place using this email, so specifying this here serves as a means for authentication.
    Application NameThis is the name of the application which is used to represent the Google connector.

Configuring Salesforce provisioning

  1. Expand the Salesforce Provisioning Configuration form.
  2. Fill in the following fields where relevant.

    FieldDescription
    Enable ConnectorSelecting this enables identity provisioning through Salesforce.
    API versionThis is the version of the Salesforce API that is used for provisioning.
    Domain NameThis is the name of the Salesforce domain used to provision users.
    Client IDThis is the username of the client you are using to access Salesforce.
    Client SecretThis is the password of the client you are using to access Salesforce.
    UsernameThis is the Salesforce username.
    PasswordThis is the Salesforce password.

    About claim configuration for Salesforce

    The following claims must be configured when configuring Salesforce for outbound provisioning. See Configuring Outbound Provisioning with Salesforce for more information on how to do this.

    • Email
    • EmailEncodingKey
    • LanguageLocaleKey
    • LastName
    • LocaleSidKey
    • ProfileId
    • TimeZoneSidKey
    • Username
    • UserPermissionsCallCenterAutoLogin
    • UserPermissionsMarketingUser
    • UserPermissionsOfflineUser

Configuring SCIM provisioning

The System for Cross-domain Identity Management (SCIM) specification is designed to make managing user identities in the WSO2 Identity Server easier. Identity provisioning is a key aspect of any identity management solution and, as such, is very relevant to SCIM. In simple terms, it is to create, maintain and delete user accounts and related identities in one or more systems or applications in response to business processes which are initiated either by humans directly or by automated tasks.

  1. Expand the SCIM Provisioning Configuration form.
  2. Fill in the following fields where relevant.

    FieldDescription
    Enable ConnectorSelecting this enables identity provisioning through SCIM.
    UsernameThis is the username of the SCIM application.
    PasswordThis is the password of the SCIM application.
    User EndpointYou can configure users and groups in SCIM. This is the URL for the users.
    Group EndpointThis is the URL for the groups.
    User Store DomainThe user store that users are created.

Configuring SPML provisioning

  1. Expand the SPML Provisioning Configuration form.
  2. Fill in the following fields where relevant.

    FieldDescription
    Enable ConnectorSelecting this enables identity provisioning through SPML.
    UsernameThis is the username of the SPML application.
    PasswordThis is the password of the SPML application.
    SPML EndpointThis is the SPML URL.
    SPML ObjectClassThe ObjectClass for SPML. This value is required as it links with the ObjectClass in SPML which is used to provide data from the user store.
  • No labels