- What's New
- Service Overview
- Getting Started
- User Guide
-
API Reference
- Before You Start
- API Overview
- Calling APIs
-
API
- Instance Management
- Access Control Attribute Management
-
Permission Set Management
- Adding a System-defined Identity Policy
- Deleting a Permission Set
- Querying Permission Set Details
- Updating a Permission Set
- Deleting a System-defined Identity Policy
- Querying Details About a Custom Identity Policy
- Adding a Custom Identity Policy
- Deleting a Custom Identity Policy
- Listing Accounts Associated with a Permission Set
- Listing System-defined Identity Policies
- Listing Pre-provisioning Statuses of Permission Sets
- Listing Permission Sets
- Creating a Permission Set
- Listing Permission Sets Provisioned to an Account
- Pre-provisioning a Permission Set
- Querying Pre-attachment Status Details of a Permission Set
- Adding a System-defined Policy
- Deleting a System-defined Policy
- Listing System-defined Policies
-
Account Assignment Management
- Removing Account Assignments
- Querying Details about the Account Assignment Creation Status
- Listing Account Assignment Creation Statuses
- Listing Account Assignment Deletion Statuses
- Listing Users or Groups Associated with an Account and a Permission Set
- Creating Account Assignments
- Querying Details about the Account Assignment Deletion Status
- Tag Management
- User Management
- Group Management
- Group Membership Management
- SCIM User Management
- SCIM Group Management
- Service Provider (SP) Management
- Client Management
- Token Management
- Device Authorization Management
- Authorization Management
- Account Management
- Agency Management
- Credentials Management
- Appendixes
- Change History
- General Reference
Copied.
Enabling or Disabling SCIM Automatic Provisioning
IAM Identity Center supports automatic provisioning (synchronization) of user and group information from your IdP into IAM Identity Center using the SCIM v2.0 protocol. When you configure SCIM synchronization, you create a mapping of your IdP user attributes to the named attributes in IAM Identity Center. This causes the expected attributes to match between IAM Identity Center and your IdP. You configure this connection in your IdP using your SCIM endpoint for IAM Identity Center and a bearer token that you create in IAM Identity Center.
This section includes the following content:
- Enabling Automatic Provisioning
- Disabling Automatic Provisioning
- Generating or Deleting an Access Token
Enabling Automatic Provisioning
Automatic provisioning is available only when the identity source is configured as an external identity provider.
- Log in to the Huawei Cloud console.
- Click
in the upper left corner of the page and choose Management & Governance > IAM Identity Center.
- Choose Settings in the navigation pane.
- On the Identity Source tab, select SCIM automatic provisioning for Provisioning Method and click Save.
Figure 1 Enabling SCIM automatic provisioning
- In the displayed dialog box, copy the SCIM endpoint and access token. You will need this information when configuring provisioning in your IdP.
The access token is displayed only once and cannot be viewed later. However, you can generate new tokens at any time. For details, see Generating or Deleting an Access Token.
Figure 2 Inbound automatic provisioning - Click Close.
Disabling Automatic Provisioning
- Log in to the Huawei Cloud console.
- Click
in the upper left corner of the page and choose Management & Governance > IAM Identity Center.
- Choose Settings in the navigation pane.
- On the Identity Source tab, select Set Automatic Provisioning for Provisioning Method.
Figure 3 Setting automatic provisioning
- In the Configuration area, click Disable in Status. In the displayed dialog box, enter DISABLE and click OK.
After you disable automatic provisioning, user updates that are made in the identity provider will not be synchronized. In addition, all access tokens will be removed. To re-enable automatic provisioning, you must generate a new access token.
Figure 4 Disabling automatic provisioning
Generating or Deleting an Access Token
- Log in to the Huawei Cloud console.
- Click
in the upper left corner of the page and choose Management & Governance > IAM Identity Center.
- Choose Settings in the navigation pane.
- On the Identity Source tab, select Set Automatic Provisioning for Provisioning Method.
Figure 5 Setting automatic provisioning
- On the displayed page, in the Access Tokens area, click Generate.
Figure 6 Generating an access token
- In the token list, select one or more tokens to be deleted and click Delete.
- In the displayed dialog box, enter DELETE and click OK.
Figure 7 Deleting an access token
NOTE:
IAM Identity Center supports two access tokens at most. To generate additional access tokens, delete expired or unused access tokens.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot