Ping Identity
This connectivity package provides support for managing users, groups, and roles in Ping Identity.
Supported objects and operations
| System objects | Omada Identity Data Model | Operations |
|---|---|---|
| User | Account | Create, read, update, delete |
| Group | Resource | Read |
| Role | Resource | Read |
| Group membership (users) | Resource | Create, read, update, delete |
| Role assignment (users) | Resource | Read |
Minimum required permissions
See the Ping Identity API documentation for details.
Implementation notes
- User role assignments are only imported - they cannot be managed properly due to the complexity of deleting role assignments. At the moment this connectivity package is released, Ping Identity API requires the specific ID of the role assignment in the URL path when trying to delete it. It is not possible to fetch it.
- The configuration is developed to cater for one specific environment in PingOne. Multiple environments are possible, but you will need to provide additional mappings to import multiple environments.
Network requirements
N/A
Prerequisites
Create an application in PingOne for Omada Identity to integrate. See the Adding an application procedure in the PingOne documentation.
Once the application is created, assign proper access. The minimum level required is Identity Data Admin role. To authenticate, in your newly created application, go to Configuration and gather the following information:
- Client ID
- Client Secret