Skip to main content
Version: v1.7.0

SCIM with PingIdentity

1. Prerequisite

  • PingIdentity account created with sufficient subscription: Ping Identity

2. Create a connection

  1. Navigate to Provisioning section under Integrations, then select Connections tab: Image
  2. Click on plus icon and select New Connection: Image
  3. Select Identity Store: Image
  4. Select SCIM Outbound then click Next: Image
  5. Fill in the name (mandatory) and description if needed, then click Next: Image
  6. Config authentication for connection:
    1. SCIM BASE URL: exposed URL to SCIM service (below example is SCIM url of AlphaSense test environment):
      1. Format: {domain name}/services/scim/v2
    2. Authentication Method: Select OAuth 2 Bearer Token.
    3. Oauth Access Token: API Key of SCIM service: Retrieve Your SCIM API Key Image
  7. Click Test Connection, the below popup will display once connection is established successfully. Then click Next: Image
  8. Here you can set up preferences, let’s keep it as default and click Save: Image
  9. The connection is created but in Disabled mode, enable it by clicking the toggle switch: Image

3. Create a rule

A rule can be established to define additional configurations between the created connection and PingIdentity. This rule instructs PingIdentity on user provisioning criteria and the mapping of attributes between PingIdentity and external resources.

  1. Navigating to Rules tab, click on plus icon and select New Rule: Image
  2. Fill in rule Name and click Create Rule to continue: Image
  3. Select your created connection as Target, and Ping as Source, then Save to continue: Image Image
  4. Click on pencil icon under User Filter to specify which identities are provisioned: Image
  5. Select attribute Username, operator Equals, value testUser. In this example, this means any user has Username equals to testUser will be selected for provisioning. Wide rage of attributes and operators are provided by PingIdentity for you to combine as needed. Select Save to continue: Image
  6. Under Attribute Mapping, select pencil icon to add more fields to be provisioned: Image
  7. There are some default mappings, but you can add more fields by clicking on Add and select value to be mapped. Then Save to continue: Image
  8. Switch the button to enable the rule: Image
  9. The sync status will show as below: Image
note

There is no user to sync because you haven’t created any user that match the filter “ Username equals testUser " as provided example.

4. Create a user

  1. Navigate to Users under Directory, select plus icon to create new user: Image
  2. Fill in some initial details:
    1. Given Name: name of user.
    2. Family name: family name of user.
    3. Username: this is important as it was defined as the attribute to be filtered and selected for provisioning. In the scope of this demo, to satisfy the filter “ Username equals testUser ", you need to set Username as testUser.
    4. Email: this is important as the email of setting the password for user upon first time login will be sent to this mailbox.
    5. Then click Save to continue. Image
  3. Click on pencil icon to add more details: Image
  4. You can optionally fill in some additional fields to make sure provisioned user in AlphaSense will have these details. Then click Save to finish updating: Image

5. Verify user is created in AlphaSense

Navigate to Additional Guides and follow the guide to check: Verify User is Created in AlphaSense