WSO2 Identity Server can mediate authentication requests between service providers and identity providers. At the same time, the Identity Server itself can act as a service provider and an identity provider. When it acts as a service provider it is known as the resident service provider.
The Identity Server mainly acts as a resident service provider while adding users to the system. You can enable provisioning configurations for the resident service provider. For example, if you try to add users to the system via the SCIM API and authenticate these users using HTTP basic authentication, the system will read the provisioning configurations from the resident service provider.
At the same time, if you want to configure outbound provisioning for any user management operation done via the management console, SOAP API or the SCIM API, you must configure outbound provisioning identity providers against the resident service provider. So, based on the outbound configuration, users added from the management console will also be provisioned to external systems like Salesforce and Google Apps.
Follow the instructions below to configure a resident service provider in the WSO2 Identity Server.
- Sign in. Enter your username and password to log on to the management console.
- In the Main menu under the Identity section, click List under Service Providers. The list of service providers you added appears.
- Click the Resident Service Provider link.
- The Resident Service Provider page appears.
- Select the user store domain to provision users and groups for inbound authentication for SCIM or SOAP requests.
- For outbound provisioning configurations, select the identity provider from the dropdown list available and click the plus button to add this identity provider for provisioning. For an identity provider to appear on this list you have to add the identity provider in the Identity Server.
- Click Update.