Setup for SCIM UserSync connector¶

• Enable Privacera UserSync:

  cd ~/privacera/privacera-manager
  cp config/sample-vars/vars.privacera-usersync.yml config/custom-vars/
  

• Enable the SCIM connector:

  cd ~/privacera/privacera-manager
  cp config/sample-vars/vars.privacera-usersync.scim.yml config/custom-vars/
  vi config/custom-vars/vars.privacera-usersync.scim.yml
  

• Edit the following properties:

• SCIM_URL: The SCIM endpoint URL

• SCIM_AUTH_TYPE: Authentication type for SCIM service (bearer/basic).

• ADMIN_USER_BEARER_TOKEN: Bearer token if SCIM_AUTH_TYPE is "bearer"

• SCIM_AUTH_USERNAME: Username if SCIM_AUTH_TYPE is "basic"

• SCIM_AUTH_PASSWORD: Password if SCIM_AUTH_TYPE is "basic"

• SCIM_SEARCH_USER_GROUPONLY: Syncs only users that are members of synced groups (true/false).

• SCIM_ATTRIBUTE_USERNAME_VALUE_EXTRACTFROMEMAIL: Extracts the username from the email address (true/false). By default, username is mapped to "userName" which may contain an email address.

• Post configuration, deploy the changes Using Privacera Manager.

To add an SCIM UserSync connector on Privacera Cloud, follow these steps:

1. From the navigation menu, select Settings > UserSync Configuration.

2. Choose a data source, click the dots icon, and select Add Application.

3. From the Application List section, select USERSYNC.

4. From the Service Type dropdown, select SCIM.

5. In the Connector Name field, enter a name for the connector.

6. In the BASIC tab, enter the values in the respective fields.

7. Complete each step and advance through the pages of the configuration wizard.

8. Complete all BASIC values, then review and update ADVANCED values as required.

   Username Attribute Modification

   Some services provide username in the format of an email address. If username format should be the first part of email address then visit the Advanced tab of the Base User Attributes section and update the Username Attribute field to Extract from email.

9. Click FINISH.