Ping Identity Data Sync Server - Ping One Sync Source

Data Sync Server Documentation Index
Configuration Reference Home

Ping One Sync Source

A Ping One Sync Source defines the source of a Sync Pipe that is an Environment in PingOne.

A Ping One Sync Source provides a method for synchronizing users to directories and data sources from a single environment within the PingOne cloud directory. PingOne has a strict user schema which may require custom attribute mapping. An example dsconfig script file is provided in the resource directory. Consult the PingOne documentation for further details.

Ping One Sync Source does support pre-encoded user password synchronization. Consult the PingOne documentation for a list of the supported pre-encoding formats.

↓Parent Component
↓Relations from This Component
↓Properties
↓dsconfig Usage

Parent Component

The Ping One Sync Source component inherits from the Sync Source

Relations from This Component

The following components have a direct aggregation relation from Ping One Sync Sources:

Passphrase Provider

Properties

The properties supported by this managed object are as follows:

Basic Properties:	Advanced Properties:
↓ description	↓ realtime-sync-polling-offset
↓ api-url
↓ environment-id
↓ auth-url
↓ oauth-client-id
↓ oauth-client-secret
↓ oauth-client-secret-passphrase-provider
↓ population-to-synchronize
↓ actor-id-to-ignore

Basic Properties

description

Description	A description for this Sync Source
Default Value	None
Allowed Values	A string
Multi-Valued	No
Required	No
Admin Action Required	None. Modification requires no further action

api-url

Description	Specifies the API endpoint for the PingOne web service.
Default Value	None
Allowed Values	A string
Multi-Valued	No
Required	Yes
Admin Action Required	None. Modification requires no further action

environment-id

Description	Specifies the PingOne Environment that will be associated with this Ping One Sync Source. The Environment ID can be found under the Settings tab in the PingOne Admin Console.
Default Value	None
Allowed Values	Environment ID must be in the format of a UUID v4.
Multi-Valued	No
Required	Yes
Admin Action Required	None. Modification requires no further action

auth-url

Description	Specifies the API endpoint for the PingOne authentication service. The Auth URL can be found under the Connections tab in the PingOne Admin Console. Specifically, it is within the Application configured for use with Data Sync Server. The necessary URL will be in the Configuration section as the Token Endpoint.
Default Value	None
Allowed Values	A string
Multi-Valued	No
Required	Yes
Admin Action Required	None. Modification requires no further action

oauth-client-id

Description	Specifies the OAuth Client ID used to authenticate connections to the PingOne API. The Client ID can be found under the Connections tab in the PingOne Admin Console. Specifically, it is within the Application configured for use with Data Sync Server.
Default Value	None
Allowed Values	A string
Multi-Valued	No
Required	Yes
Admin Action Required	None. Modification requires no further action

oauth-client-secret

Description	Specifies the OAuth Client Secret used to authenticate connections to the PingOne API. The Client Secret can be found under the Connections tab in the PingOne Admin Console. Specifically, it is within the Application configured for use with the Data Sync Server. Exactly one of the oauth-client-secret and oauth-client-secret-passphrase-provider properties must be specified.
Default Value	None
Allowed Values	A string
Multi-Valued	No
Required	No
Admin Action Required	None. Modification requires no further action

oauth-client-secret-passphrase-provider

Description	Specifies a passphrase provider that can be used to obtain the OAuth Client Secret used to authenticate connections to the PingOne API. The Client Secret can be found under the Connections tab in the PingOne Admin Console. Specifically, it is within the Application configured for use with the Data Sync Server. Exactly one of the oauth-client-secret and oauth-client-secret-passphrase-provider properties must be specified.
Default Value	None
Allowed Values	The DN of any Passphrase Provider.
Multi-Valued	No
Required	No
Admin Action Required	None. Modification requires no further action

population-to-synchronize

Description	When polling for changes the Data Sync Server will ignore changes to resources that are not members of this list. The Ping One Sync Source setting provides the ability to only synchronize users from specific populations. By default, it will synchronize users from all of the populations in the configured environment. If this is not desired, a list of population ids or names may be specified to limit the scope of synchronized users.
Default Value	Users in all populations will be synchronized.
Allowed Values	A string
Multi-Valued	Yes
Required	No
Admin Action Required	None. Modification requires no further action

actor-id-to-ignore

Description	When polling for changes the Data Sync Server will ignore changes caused by these OAuth clients or users. By default, Ping One Sync Source will synchronize changes originating from any user or application (OAuth client). In some cases, namely bi-directional synchronization, it is necessary to specify one or more actors whose changes should be ignored. In the case of bi-directional synchronization, specifying the id of the OAuth client configured for the corresponding PingOne Sync Destination will prevent unnecessary changes from being processed.
Default Value	None
Allowed Values	A string
Multi-Valued	Yes
Required	No
Admin Action Required	None. Modification requires no further action

Advanced Properties

realtime-sync-polling-offset (Advanced Property)

Description	The Data Sync Server polls for realtime changes based on the timestamp of activity log entries. To avoid missing changes due to clock skew, recent changes that have occurred within the configured offset will not be retrieved. Effectively the synchronization of all changes that occur in the PingOne environment will be delayed by this configured offset. Decreasing the configured value reduces the synchronization delay but increases the possibility of missed changes. Whereas increasing the value increases the delay but decreases the possibility of missed changes.
Default Value	5 seconds
Allowed Values	A duration. Lower limit is 2000 milliseconds.
Multi-Valued	No
Required	No
Admin Action Required	None. Modification requires no further action

dsconfig Usage

To list the configured Sync Sources:

dsconfig list-sync-sources
     [--property {propertyName}] ...

To view the configuration for an existing Sync Source:

dsconfig get-sync-source-prop
     --source-name {name}
     [--tab-delimited]
     [--script-friendly]
     [--property {propertyName}] ...

To update the configuration for an existing Sync Source:

dsconfig set-sync-source-prop
     --source-name {name}
     (--set|--add|--remove) {propertyName}:{propertyValue}
     [(--set|--add|--remove) {propertyName}:{propertyValue}] ...

To create a new Ping One Sync Source:

dsconfig create-sync-source
     --source-name {name}
     --type ping-one
     --set api-url:{propertyValue}
     --set environment-id:{propertyValue}
     --set auth-url:{propertyValue}
     --set oauth-client-id:{propertyValue}
     [--set {propertyName}:{propertyValue}] ...

To delete an existing Sync Source:

dsconfig delete-sync-source
     --source-name {name}