This topic explains how to provision users from the WSO2 Identity Server to a trusted identity provider, based on user roles. In outbound provisioning, users are provisioned to the trusted identity provider when they are created. In role-based provisioning, a user is provisioned when the user is added to a preconfigured role, and is deleted from the trusted identity provider when the user is removed from that role.
Configuring an identity provider
- Download the WSO2 Identity Server and run it.
- Log in to the Management Console as an administrator.
- Navigate to the Main menu and access the Identity menu. Click Add under Identity Providers. See here for more information on this.
- Enter "role based provisioning" as the Identity Provider name for this scenario.
- Configure the Outbound Provisioning Connectors with the SPML, SCIM or Salesforce connector.
- Expand Role Configuration and add a role name (or a set of roles as a comma-separated list) in Identity Provider OutBound Provisioning Roles (here we have added a role named provision). If you don't have roles already, follow the instructions here to add roles.
- Click Update to save changes.
Configuring outbound provisioning
- In the Main menu under the Identity section, click List under Service Providers. The list of service providers you added appears.
- Click the Resident Service Provider link.
- Expand the Outbound Provisioning Configuration section, add the identity provider you created, and select the connector from the dropdown list.
- If Blocking is enabled, the Identity Server waits for the response from the identity provider before it continues.
- Click Update.
Provisioning Users
- On the Main tab in the management console, click Add under Users and Roles in the Identity menu.
- Click Add New User. See Configuring Users for more information on this process.
- Provide a username and a password (with confirmation) and click Next.
- Click Finish to create the user.
- The user will not be provisioned to the identity provider.
- On the Main tab in the management console, click List under Users and Roles in the Identity menu.
- Click Users and then the Assign Roles action of the newly created user. Enable the "provision" role (or any role added in the Role Configuration section of the identity provider) and click Finish.
- The user will be provisioned to the identity provider.
- On the Main tab in the management console, click List under Users and Roles in the Identity menu.
- Click Users and then the Assign Roles action of the newly created user. Disable the "provision" role (or any role added in the Role Configuration section of the identity provider) and click Finish.
- The user will be removed from the identity provider.
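Because the identity provider's account list should always mirror membership of the provisioning roles, a provisioning or delete call that fails at the identity provider leaves the two sides out of step. The following reconciliation check is an added example, not WSO2 code: it compares role membership against the accounts found on the identity provider and reports accounts that are missing or orphaned. It assumes a SCIM connector, that role membership and the SCIM list response have already been exported, and that every account on the target was created by this provisioning setup; all function names and sample data are constructed for illustration.

```python
import json

def parse_roles(config_value):
    """Split the comma-separated Outbound Provisioning Roles value."""
    return {r.strip() for r in config_value.split(",") if r.strip()}

def expected_users(user_roles, provisioning_roles):
    """Users holding at least one provisioning role should exist on the target."""
    return {u for u, roles in user_roles.items() if set(roles) & provisioning_roles}

def scim_usernames(list_response_json):
    """Extract userName values from the Resources array of a SCIM list response."""
    body = json.loads(list_response_json)
    return {r["userName"] for r in body.get("Resources", []) if "userName" in r}

def reconcile(user_roles, provisioning_roles_config, scim_list_json):
    """Compare role membership with the accounts present on the identity provider."""
    roles = parse_roles(provisioning_roles_config)
    expected = expected_users(user_roles, roles)
    actual = scim_usernames(scim_list_json)
    return {
        "missing": sorted(expected - actual),   # in role, but never provisioned
        "orphaned": sorted(actual - expected),  # on target, but no longer in role
    }

# Constructed sample data: role assignments exported from the Identity Server.
USER_ROLES = {
    "alice": ["provision"],            # in role and provisioned
    "bob": ["Internal/everyone"],      # removed from role, delete did not land
    "carol": ["provision", "admin"],   # in role, provisioning did not land
    "dave": [],                        # never in role, never provisioned
}

# Constructed sample data: list response fetched from the target's Users endpoint.
SCIM_LIST = json.dumps({
    "totalResults": 2,
    "Resources": [{"userName": "alice"}, {"userName": "bob"}],
})

if __name__ == "__main__":
    print(reconcile(USER_ROLES, "provision", SCIM_LIST))
```

An orphaned entry is the case to act on first, since it is an account that still exists on the identity provider after the role that justified it was removed.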