There's a couple of pieces to this. First, there are the identity providers that have implemented SCIM server functionality themselves. Included in this group are the range of SSO providers supported by PureCloud (Azure AD, Ping, Okta, OneLogin, G Suite). We are working with these vendors to provide out of the box integrations that will install in their respective platforms to leverage the SCIM APIs found on the PureCloud platform. In our work with these vendors, we have identified a couple of things that require some work, either within PureCloud or the Vendor's platform. As we complete this and release these out of the box integrations, we will be updating our release notes and documentation on the resource center to indicate how you might take advantage of them.
Next is an understanding of how these vendors implement SCIM Server functionality without an out of the box integration (most do, but not all). Azure AD is a great example, as they have implement Automated User provisioning for non-gallery apps: https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/use-scim-to-provision-users-and-groups. There is also some great information regarding quirks, performance constraints to scim user provisioning that can be found here: https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/user-provisioning#how-do-i-set-up-automatic-provisioning-to-an-application Note that the non-gallery app implementation will be completely functional with PureCloud, with a couple of constraints to be aware of:
1. PureCloud currently uses relatively short lived oauth tokens, and Azure AD does not provide a mechanism to refresh your token, so you must handle this manually (not ideal for production usage, but certainly viable for testing purposes; this is one are we are working to address in the near future)
2. This doesn't contain the default mapping to supported attributes on either side, but does contain a generic schema that serves as a starting point. Once the Gallery App for PureCloud User Provisioning rolls out, this will contain a default mapping known to work with PureCloud.
Lastly, if you're intending to utilize SCIM with a resource that we do not have plans for an out of the box integration with, there are custom development options available, but that requires a more thorough understanding of the SCIM specification itself, as well as a review of the existing SCIM implementations that are covered under open source licensing. That information can be found here: http://www.simplecloud.info/
------------------------------
Richard Schott
Genesys - Employees
------------------------------
Original Message:
Sent: 07-31-2019 12:43
From: Charaf Eddine Chemlal
Subject: External Organization - Bridge Synchronization
Thank you for your answers.
Is there a documentation that explains how to implement SCIM that replaces the Bridge ?
Yours,
------------------------------
Charaf Eddine Chemlal
Dimension Data France
Original Message:
Sent: 07-31-2019 12:15
From: Richard Schott
Subject: External Organization - Bridge Synchronization
External contacts are not covered as part of the Active Directory integration, either the Bridge Connector or SCIM implementation. Those integration points are exclusively for the management of PureCloud user profiles. A similar approach could be taken, utilizing a query of the AD system to determine relevant members to sync across and leveraging the Public API for the External Contact objects to manipulate those resources.
------------------------------
Richard Schott
Genesys - Employees
Original Message:
Sent: 07-31-2019 12:07
From: George Ganahl
Subject: External Organization - Bridge Synchronization
That makes sense, now.
I will I'll have to do some thinking and research.
------------------------------
George Ganahl CCXP, GCP
Principal Technology Consultant
Genesys
Original Message:
Sent: 07-31-2019 11:43
From: Charaf Eddine Chemlal
Subject: External Organization - Bridge Synchronization
Hello @George Ganahl
YES !
I'm talking about organizations under the section : Directory/External Contacts/Organizations.
Regards,
------------------------------
Charaf Eddine Chemlal
Dimension Data France
Original Message:
Sent: 07-31-2019 11:35
From: George Ganahl
Subject: External Organization - Bridge Synchronization
Charaf, I'm not sure what you are trying to accomplish. When you say "organizations" do you mean multiple PureCloud organizations that draw user information from the same AD configuration?
------------------------------
George Ganahl CCXP, GCP
Principal Technology Consultant
Genesys
Original Message:
Sent: 07-28-2019 12:03
From: Charaf Eddine Chemlal
Subject: External Organization - Bridge Synchronization
Hello,
I need to create several external organizations (one per city).
would it be possible to restrict access, a contact forming part of the external organization "A" will not be able to see the contacts of organizations "B" ?
How to synchronize the Active Directory contacts with PureCloud ? are there APIs that allow synchronization due to the absence of the bridge ?
What will replace the Bridge ?
Yours,
#Implementation
#PlatformAdministration
------------------------------
Charaf Eddine Chemlal
Dimension Data France
------------------------------