Skip to main content

Privacera Documentation

Preview: PingFederate UserSync

Currently available as a Preview feature, PingFederate has two possible Privacera Usersync integrations:

  • Privacera Usersync - SCIM Server : This requires configuration of PingFederate Outbound provisioning.

  • Privacera Usersync - SCIM : This requires configuration of PingFederate Inbound provisioning.

Prerequisites

  • PingFederate Administrator account access with user provisioning enabled.

Privacera Usersync - SCIM Server integration

PingFederate configuration steps

  • In the pingfederate/bin/run.properties file:

    pf.provisioner.mode=STANDALONE
  • See Configuring outbound provisioning in the PingIdentity documentation.

    Notice

    “Provision groups with distinguished name” should be set to false.

Privacera Usersync configuration steps

Privacera Platform

  • The following Privacera Manager (PM) variable needs to be modified to vars.privacera-usersync.scimserver.yml in config/custom_vars:

    SCIM_SERVER_ATTRIBUTE_EMAIL: "emails[type-work].value"

PrivaceraCloud

  • In Base User Attributes, modify Email Address value to: emails[type-work].value

  • In the ADVANCED tab, the value in the Authentication Type field must be simple.

Privacera Usersync - SCIM integration

Configure a SCIM connector with basic authentication.

PingFederate configuration steps

See Configuring SCIM inbound provisioning in the PingIdentity documentation.

Privacera Usersync configuration steps

Privacera Platform
  • The following Privacera Manager (PM) variables need to be added to the vars.privacera-usersync.scim.yml file in config/custom_vars:

    SCIM_AUTH_TYPE: “basic”
    SCIM_AUTH_USERNAME: “{SCIM_USERNAME}”
    SCIM_AUTH_PASSWORD: “{SCIM_PASSWORD}”
  • If PingFederate is using a self signed SSL certificate, set:

    PRIVACERA_USERSYNC_AUTH_SSL_ENABLED: “true”
  • Place the certificate in: privacera-manager/config/ssl/custom_certificates

PrivaceraCloud
  • Note

    PrivaceraCloud only supports CA signed SSL certificates.

    Configure Connector Endpoint URL:

    https://<HOST>:9031/pf-scim/v1/Users