Inbound provisioning configurations are defined in the service provider configuration in the admin console of the Identity Server.
...
- Sign in. Enter your username and password to log on to the Management Console.
- In the Main menu under the Identity section, click ListResident under Service Providers. The list of service providers you added appears.
- Click the Resident Service Provider link.
- In the page that appears, expand the Inbound Provisioning Configuration section.
Info: When configuring Inbound Provisioning Configuration, you can enable dumb mode for inbound provisioning by selecting the check box available there. When this is enabled, users and groups are not provisioned to the user store; they are only outbound provisioned.
From the dropdown available, select the user store domain you prefer.
Tip: If you do not specify any user store domain in the configuration (that is, you leave it without selecting anything), the user is created in the user store domain that is contained in the request. For example, in the SCIM provisioning request, you can send the user name in the following format.
    {Domain-Name}/username
If the Domain-Name is not specified with the username, the user is provisioned to the primary user store. However, if you specify the user store in the configuration, the user is created in the configured user store domain regardless of what is specified in the request.
- Click Update to save your configurations.
...
Execute the following curl request (which will use SCIM to create a new user).
    # --user sends HTTP Basic credentials; -k disables TLS certificate verification
    curl -v -k --user admin:admin --data '{"schemas":[],"name":{"familyName":"mervyn","givenName":"samuel"},"userName":"samuel","password":"samuel","emails":[{"primary":true,"value":"samuel@wso2.com"}]}' --header "Content-Type:application/json" https://localhost:9443/wso2/scim/Users
Info: Refer to the SCIM 1.1 APIs page for more details on SCIM.
- On the Management Console, click Users and Roles in the Identity menu in the Main tab.
- Click List and then click Users and check if the user you added is listed in the user management user interface. If the user has been created in the configured or requested user store, the provisioning has worked successfully.
...
- Sign in. Enter your username and password to log on to the Management Console.
- Navigate to the Identity menu in the Main tab. Click List under Service Providers.
- Find the service provider you just created and click Edit.
- In the form that appears, expand the Inbound Authentication Configuration and then the OAuth/OpenID Connect Configuration and click Configure.
- Fill in the form that appears.
Here we use the playground sample as the Callback Url for the purposes of this example scenario.
- Click Add.
- We now have an OAuth Client Key and OAuth Client Secret. Click Show to view the OAuth Client Secret.
Use a service like Base64 to encode your OAuth Client Key and OAuth Client Secret. For this example, click Encode and enter your client key and client secret separated by a colon ":". Click the > ENCODE < button to encode this.
Use the encoded value to generate the access token by inserting it into the following cURL command after Basic.
    curl -v -X POST -H "Authorization: Basic N2pHaXl5NnRmcl9RSXp2NGZRSUYzcG92aDJRYTpDd09fRWVBdndLaW1vT0pOc0VGdWNHYjIzNWNh" -H "Content-Type: application/x-www-form-urlencoded;charset=UTF-8" -k -d "grant_type=password&username=admin&password=admin" https://localhost:9443/oauth2/token
The access token can be found in the output.
The access token is then entered in the provisioning request after Bearer.
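The encoding and token steps above can also be done entirely on the local machine, which keeps the OAuth Client Secret out of any third-party encoder. The script below is an added example, not part of the WSO2 documentation. Assumptions: the function names are hypothetical, the key and secret are the pair that this page's sample Basic value decodes to, and the token response JSON is constructed for illustration.

```shell
#!/bin/sh
# Added example: local replacement for the online Base64 step.
IS_URL="${IS_URL:-https://localhost:9443}"   # host used in this page's commands

# Encode "key:secret" for the Authorization: Basic header.
# printf avoids the trailing newline that echo would append to the input;
# tr removes the line wrapping some base64 tools insert for long values.
basic_credential() {
    printf '%s:%s' "$1" "$2" | base64 | tr -d '\n'
}

# Extract the access_token field from the token endpoint's JSON response.
extract_access_token() {
    printf '%s' "$1" |
        sed -n 's/.*"access_token"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p'
}

# Password-grant request to the same endpoint as the page's cURL command.
# Args: client_key client_secret username password (-k as on the page).
request_token() {
    curl -s -k -X POST \
        -H "Authorization: Basic $(basic_credential "$1" "$2")" \
        -H "Content-Type: application/x-www-form-urlencoded;charset=UTF-8" \
        --data-urlencode "grant_type=password" \
        --data-urlencode "username=$3" \
        --data-urlencode "password=$4" \
        "$IS_URL/oauth2/token"
}

# Offline demonstration (no network call is made here).
KEY='7jGiyy6tfr_QIzv4fQIF3povh2Qa'       # decoded from the page's sample value
SECRET='CwO_EeAvwKimoOJNsEFucGb235ca'    # decoded from the page's sample value
# Constructed sample response, not output captured from a server.
SAMPLE_RESPONSE='{"token_type":"bearer","expires_in":3600,"access_token":"0123456789abcdef0123456789abcdef"}'

echo "Authorization: Basic $(basic_credential "$KEY" "$SECRET")"
echo "Authorization: Bearer $(extract_access_token "$SAMPLE_RESPONSE")"
```

Against a running server, `extract_access_token "$(request_token "$KEY" "$SECRET" admin admin)"` yields the value to place after Bearer.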
...
Execute the following curl request (which will use SCIM to create a new user).
    curl -v -k --header "Authorization: Bearer 955fded39fc6cb08525b5f2a35b3e2e" --data '{"schemas":[],"name":{"familyName":"fernando","givenName":"yohanna"},"userName":"yohanna","password":"yohanna","emails":[{"primary":true,"value":"yohanna@wso2.com"}]}' --header "Content-Type:application/json" https://localhost:9443/wso2/scim/Users
Info: Refer to the SCIM 1.1 APIs page for more details on SCIM.
- On the Management Console, click Users and Roles in the Identity menu in the Main tab.
- Click List and then click Users and check if the user you added is listed in the user management user interface. If the user has been created in the configured or requested user store, the provisioning has worked successfully.
...