DNN SCIM User Provisioning and Sync
provides an option to sync users (create, update, delete and deactivate) in
real-time. SCIM is an open standard that allows for the automation of user
provisioning. User provisioning and sync is the process of creating, reading,
and updating a user's account information and access policies for multiple
applications and systems simultaneously. Users are given the adequate amount
of access and permissions based on their role and duties within an
organization. User provisioning maintains security and compliance standards
while ensuring that the employees have just the right level of access to the
organization's resources to carry out their set of tasks. Follow the
step-by-step guide to configure PingOne User (SCIM) Provisioning in DotNetNuke
(DNN).
Download & Installation
Download
the DNN SCIM User Provisioning & Sync module.
Now go to Settings >> Extensions and click on
Install Extension for installing the miniOrange DNN SCIM User
Provisioning module.
Click on miniOrange User Provisioning and Sync to drag-and-drop this
module on any section of the page.
You have successfully installated the DNN SCIM module on your DNN website.
1. Configure DNN as SCIM server
Navigate to the DNN SCIM Settings tab to configure DNN SCIM & User
Provisioning module.
Copy the SCIM Provisioning URL and Bearer Token, and keep it
handy, we will require it later.
Under SCIM Operations you can perform the following two operations:
A] Provisioning
Create User - To create a user provisioned to the DNN website
Update User - To update a user provisioned to the DNN website
B] Deprovisioning [PREMIUM+]
Delete User - To delete a user in your DNN website
Deactivate User - To deactivate a user in your DNN website
Enable Deprovisioning for Administrators - To enable deprovisioning
at the administrator level
Navigate to Attribute Mapping section to map IDP attributes to your DNN
website.
You can map any attributes of the IdP to the attributes in the users table
of your database.
According to SCIM protocol, attributes received from IDP are "userName",
"emails", "givenName", "familyName".
Attribute Name
Attribute Value
Username
userName
Email
emails
First Name
givenName
Last Name
familyName
Custom Attribute Mapping
This feature is available in the premium+ version.
After successfully configuring basic attribute mapping, click on
Save Mapping.
2. Configure PingOne as SCIM client
Go to
PingOne
portal and login with the administrator account.
After logging in, you will need to add the environment for your application.
In the left tab, under the Connections section, select the
Provisioning.
Click on + to add the new connection.
Select the SCIM based connection type and click on Select.
Under Create a New Connection, enter the Name and
Description and click on Next.
In the next step, under the Configure Authentication section, enter
the SCIM BASE URL from step 1.
In the Authentication method field, select the
OAuth 2 Bearer Token from the dropdown.
Enter the SCIM Bearer Token in the OAuth Access Token field
from step 1 and click on Test Connection.
In the Configure Preferences, keep the field information as default
and click on Finish.
Under the Connections tab, select the application you have configured
then enable the toggle button displayed on the right hand corner.
Navigate back to the Provisioning tab and click on New Rule.
Enter the name and description and click on Create Rule button.
Under the Available Connection, select the configured application and
click on Save.
In the Custom Filter section, add the appropriate attributes in the
Attribute field and its Value. Click on Save.
Enable the toggle, to enable the rules.
You can now assign the users by going to the Users tab under the
Identities in the left pane.
Click on Add User button to add user for provisioning.
You have successfully configured the miniOrange DNN SCIM User Provisioning
module with PingOne. You can configure DotNetNuke (DNN) User Provisioning and
Sync with
Azure AD, Salesforce, OneLogin, PingFederate, Okta, Centrify, JumpCloud
as well as with your own custom IDP.
Contact us on
dnnsupport@xecurify.com
and we'll help you set up DotNetNuke Two Factor Authentication (2FA), for
quick guidance (via email/meeting) on your requirement and our team will
help you to select the best suitable solution/plan as per your requirement.
×
Hello there!
Need Help? We are right here!
Contact miniOrange Support
Thanks for your inquiry.
If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com