Manage external resource provisioning directly with Apache Syncope

The main purpose of identity management systems is to manage user and role provisioning.

Provisioning operations can act on Apache Syncope only or be propagated towards external resources as well (propagation).

Provisioning will occur on a certain external resource every time the operation involves users or roles assigned to that resource.

By the way, Apache Syncope empowers the possibility to control the existence of users/roles on external resources giving the possibility to manage remote provisioning directly.

In fact, an authorized user (or an internal task - a sync task, for instance) can ask for

• link / unlink users/roles to/from specific resources (soft link),
• assign / unassign users/roles to/from specific resources (hard link),
• provision / de-provision users/roles on/from specific resources (maybe, without any link).

Link/Unlink

Apache Syncope gives the possibility to create and remove a sort of soft linking between users/roles and resources.

This kind of link doesn't imply any propagation at link creation/deletion time.

Provision/De-Provision

Apache Syncope gives the possibility to directly provision and de-provision users/roles on/from resources, without any link in place.

This provisioning feature (disjoint from the resource link mechanisms) is often very useful in case of reclaims.

Assign/Unassign

Apache Syncope gives the possibility to create and remove a sort of hard linking between users/roles and resources.

This kind of link implies propagation at link creation/deletion time: it is the composition between link/unlink and provision/de-provision operations.

Try out these new features into the trunk: start your new project and explore resource management features from users list.

0 VOTINot rated yet