Ping Identity Data Sync Server - SCIM2 External Server

Data Sync Server Documentation Index
Configuration Reference Home

SCIM2 External Server

SCIM2 External Servers may be used to interact with servers using the SCIMv2 protocol.

↓Parent Component
↓Relations from This Component
↓Relations to This Component
↓Properties
↓dsconfig Usage

Parent Component

The SCIM2 External Server component inherits from the External Server

Relations from This Component

The following components have a direct aggregation relation from SCIM2 External Servers:

HTTP Authorization Method

HTTP Proxy External Server

Key Manager Provider

Trust Manager Provider

Relations to This Component

The following components have a direct aggregation relation to SCIM2 External Servers:

SCIM2 Sync Destination

Properties

The properties supported by this managed object are as follows:

Basic Properties:	Advanced Properties:
↓ description	None
↓ scim-service-url
↓ http-proxy-external-server
↓ key-manager-provider
↓ trust-manager-provider
↓ ssl-cert-nickname
↓ hostname-verification-method
↓ http-authorization-method
↓ response-timeout
↓ client-reconnect-interval

Basic Properties

description

Description	A description for this External Server
Default Value	None
Allowed Values	A string
Multi-Valued	No
Required	No
Admin Action Required	None. Modification requires no further action

scim-service-url

Description	The base URL for the SCIMv2 service. It must include the hostname, port, and base path to use to make SCIMv2 calls.
Default Value	None
Allowed Values	An absolute URL, or a relative URL
Multi-Valued	No
Required	Yes
Admin Action Required	None. Modification requires no further action

http-proxy-external-server

Description	A reference to an HTTP proxy server that should be used for requests sent to the SCIMv2 service.
Default Value	No HTTP proxy server will be used.
Allowed Values	The DN of any HTTP Proxy External Server.
Multi-Valued	No
Required	No
Admin Action Required	None. Modification requires no further action

key-manager-provider

Description	The key manager provider to use if it is necessary to present a client certificate to the SCIMv2 server.
Default Value	No client certificate will be presented to the SCIMv2 server.
Allowed Values	The DN of any Key Manager Provider. The key manager provider must be enabled.
Multi-Valued	No
Required	No
Admin Action Required	None. Modification requires no further action

trust-manager-provider

Description	The trust manager provider to use to determine whether to trust the certificate presented by the SCIMv2 server during TLS negotiation.
Default Value	A default set of trust managers will be used.
Allowed Values	The DN of any Trust Manager Provider. The trust manager provider must be enabled.
Multi-Valued	No
Required	No
Admin Action Required	None. Modification requires no further action

ssl-cert-nickname

Description	The nickname (alias) of the entry in the associated key store that holds the client certificate chain to present to the SCIMv2 server during TLS negotiation. This may be left undefined if either no key manager provider is specified or if the JVM should automatically select an appropriate certificate from the associated key store.
Default Value	None
Allowed Values	A string
Multi-Valued	No
Required	No
Admin Action Required	None. Modification requires no further action

hostname-verification-method

Description	The method that should be used to validate the hostname in the server certificate presented during TLS negotiation.
Default Value	strict
Allowed Values	strict - Indicates that strict hostname validation should be used, which will require the server certificate to contain a subject alternative name extension with a value that matches the address used to connect to the SCIMv2 server. If the server certificate does not include a subject alternative name extension, then the CN value in the certificate subject DN will be used as a fallback. allow-all - Indicates that no certificate hostname validation should be used.
Multi-Valued	No
Required	No
Admin Action Required	None. Modification requires no further action

http-authorization-method

Description	The method to use to authorize requests sent to the SCIMv2 server.
Default Value	None
Allowed Values	The DN of any HTTP Authorization Method. The HTTP authorization method must be enabled.
Multi-Valued	No
Required	Yes
Admin Action Required	None. Modification requires no further action

response-timeout

Description	The maximum length of time to wait for a response from the SCIMv2 server when processing operations.
Default Value	10 s
Allowed Values	A duration. Lower limit is 0 milliseconds.
Multi-Valued	No
Required	No
Admin Action Required	None. Modification requires no further action

client-reconnect-interval

Description	The maximum length of time that a client instance should remain active before being recreated. Periodically recreating the SCIMv2 client instance will help ensure that authorization credentials may be periodically refreshed (for example, in the case of OAuth 2.0 access tokens obtained using the client credentials grant). If the associated HTTP authorization method indicates that there is a maximum lifetime associated with the authorization credentials, and if that lifetime is shorter than the configured client reconnect interval, then the credential lifetime will be used instead. If no client reconnect interval value is specified, and if the HTTP authorization method does not indicate that there is a maximum lifetime for the configured credentials, then the SCIMv2 client will not be periodically recreated unless a communication failure occurs and indicates that a reconnect may be necessary.
Default Value	None
Allowed Values	A duration. Lower limit is 0 milliseconds.
Multi-Valued	No
Required	No
Admin Action Required	None. Modification requires no further action

dsconfig Usage

To list the configured External Servers:

dsconfig list-external-servers
     [--property {propertyName}] ...

To view the configuration for an existing External Server:

dsconfig get-external-server-prop
     --server-name {name}
     [--tab-delimited]
     [--script-friendly]
     [--property {propertyName}] ...

To update the configuration for an existing External Server:

dsconfig set-external-server-prop
     --server-name {name}
     (--set|--add|--remove) {propertyName}:{propertyValue}
     [(--set|--add|--remove) {propertyName}:{propertyValue}] ...

To create a new SCIM2 External Server:

dsconfig create-external-server
     --server-name {name}
     --type scim2
     --set scim-service-url:{propertyValue}
     --set http-authorization-method:{propertyValue}
     [--set {propertyName}:{propertyValue}] ...

To delete an existing External Server:

dsconfig delete-external-server
     --server-name {name}