Hello there!

Need Help? We are right here!

Support Icon
miniOrange Email Support
success

Thanks for your Enquiry. Our team will soon reach out to you.

If you don't hear from us within 24 hours, please feel free to send a follow-up email to info@xecurify.com

Search Results:

×

How to add a Custom Provisioning App


This guide provides a comprehensive overview of the steps needed to configure Custom provisioning effectively. By following these steps, you can streamline user management, automate access to necessary tools, and enhance security through predefined roles.

1. Create Custom App

  • Login into miniOrange Admin Console.
  • Go to Apps and click on Add Application button.
  • Custom Provisioning App - Select Add Application

  • Under Choose Application, select Provisioning from the All Apps dropdown.
  • Custom Provisioning App - Select Provisioning

  • Search for your application from the list, if your application is not found. Search for Custom provisioning and you can set up your app via Custom provisioning.
  • Custom Provisioning App - Select Custom Provisioning

  • Enter the Display Application Name and then click on Next.
  • Custom Provisioning App - Enter App Name

2. Add Authorization for the API’s

  • Select Authorization and click on Add Configuration.
  • Custom Provisioning App - Add Configuration

  • The user can select any one of the 4 Authorization Types based on their requirements.
    • Basic
    • Bearer
    • OAuth 2.0
    • Custom
  • When you select Authorization Type as Basic, add the Authorization Name, Client Id and Client Secret of the app your configuring with and click Save.
  • Custom Provisioning App - Authorization Type Basic

  • When you select Authorization Type as Bearer, add the Token value to give access to the APIS and click on Save.
  • Custom Provisioning App - Authorization Type Bearer

  • When you select Authorization Type as OAuth 2.0, under Request Settings, enter the Access Token URL , Client ID, Client Secret, and Client Credentials of the app you are configuring, then click Save.
  • Custom Provisioning App - Authorization Type Basic - Authorization Type OAuth

    Custom Provisioning App - OAuth token

  • Switch to Response Settings tab, and configure OAuth 2.0 token handling by defining Token Keys, Expiry Details, and Token Type. Click on Save.
  • OAuth 2.0 Token Response Settings - Authorization Type OAuth

  • When you select Authorization Type as Custom, select the URL Method, add URL.
  • Custom Provisioning App - Authorization Type Custom

    Custom Provisioning App - Custom token

3. Create User

  • Select miniOrange to External App and click on Add Event Configuration.
  • Custom Provisioning App - Select Provisioning event configuration

  • Add the Event Configuration Name and the API endpoint.
  • Custom Provisioning App - Add Event Configuration Name

  • Select the Authorization which you had created in Step 2.
  • Custom Provisioning App - Select authorization

  • Add Headers if the API request any other information.
  • Custom Provisioning App - Add headers

  • In the request Body, map the parameters of the API with attributes of a user in miniOrange using @ symbol (You will receive a dropdown to select the user attribute).
  • Custom Provisioning App - Map Attributes

  • Store the user identifier we will receive in the response to map it with other user related API's and click on Save.
  • Custom Provisioning App - Store User Identifier

  • Turn on provisioning for this event to activate the configuration.
  • Custom Provisioning App - Enable Provisioning

4. Update User

  • Select End User Updated from the choose Event dropdown.
  • Add @ExternalUserId at the end of your API Endpoint to pass the user identifier, and click Save.
  • Custom Provisioning App - Update User

5. Create Group

  • Go to Groups >> Manage Groups from the left menu and click on Create Group on the top right corner of the page.

  • Custom Provisioning App - Create Group

  • Enter Group Name and create the group.

  • miniOrange Identity Platform Admin Handbook: Add group

6. Add Policy

  • Go to Policies >> App Login Policy from the side menu.
  • Click on the Add Policy button .
  • miniorange Identity Platform Admin Handbook: Policies Flowchart

  • Enter the required details in the dialog box that appears:
    • Select the Application Name from the dropdown that you have created.
    • Select the Group Name from the dropdown list.
    • Enter a Policy Name of your choice.
    • In First Factor there are two options:
      • Password
      • Password-Less Login e.g: biometrics
      Custom Provisioning App - Add policy

  • Click on Submit button to create a policy.

7. Add Users

  • Go to Users >> User list.
  • Click on Add User.
  • Users List Table- Add User

  • Enter the Users Details and the user will be created.
  • Custom Provisioning App - Add User

8. Assign Users

  • Click on Groups from the left menu.
  • Locate the group you created in Step 6.
  • Assign users to this group as required.
  • Custom Provisioning App - assign users

9. Import Users

  • Go to the tab External App to miniOrange and click on Add Configuration.
  • Add Configuration button under External App in miniOrange - import users

  • Choose Event as Request user import from the dropdown. Then add the API endpoint URL with the correct HTTP method selected as required by your application’s API.
  • Select Request user import event from the dropdown menu

  • Select the Authorization which you created in Step 2.
  • Add headers if the API request requires them in the Headers section as shown below.
  • Add required API request headers in the Headers section - import users

  • Add Body in the API request in either x-www-urlencode or json in the Body section if required, as shown below.
  • Add Body in API request using x-www-urlencode or JSON format if required - import users

  • Advanced Settings
    • Fill the Users data primary key value. It is the key in the API response, which consists of the user's list. You can keep this empty if the data does not come under any key. If it's coming under nested key format, then you need to mention the nested keys separated via a dot(.) Example - users.data
    • Enable Pagination - Enable this setting if your API sends the user's data in a paginated way. Also, in this case, make sure to add your pagination key in the API Endpoint URL, header or body as needed by the API using @Pagination Identifier as shown below. The pagination Identifier value will be replaced dynamically based on the below 2 settings below (Next Page Key and Start Page Number).
    • API configuration for enabling pagination with Pagination Identifier

    • Fill the Next Page Key value (Only applies if you enable pagination). It is the key in the API response, which consists of the next page/offset value to be used for pagination. You can keep this empty if your application does not send the next page/offset, and in that case, we will iterate over the pages sequentially.
    • Provide the Start Page Number (Only applies if you enable pagination) if you want to configure incremental pagination; otherwise, leave it empty.
    • Enter the Next Page Key from API response to handle pagination - import users

  • Attribute Mapping
    • Map the user attributes coming from the API with the attributes of a user in miniOrange, which you would like to import from your application
    • By default, you need to provide the following attributes mandatorily
    • External App Identifier (configure the attribute coming from API, which is unique for the user. Example - user’s id, guid, username, email, whatever unique your app uses for other API operations)
    • Primary Email (must be the attribute containing the unique email address of the user)
    • Map External App Identifier attribute from API response - import users

    • Additionally, you can click on Add new Attribute to add more attributes which you want to import.
    • Click on Save to save all the configurations. You will be redirected to the configuration list.
    • Now, click on the Import users icon to initiate the user importing process. It will take a few seconds, depending on the number of users present in the application, to import.
    • Click Add New Attribute to map additional user attributes for import - import users

    • You can go to the Users list page to check the imported users. This may take some time, depending on the users in bulk that you want to import.
    • You can also check the reports for the Import users from Reports -> Bulk Operations Report, as shown below.
    • Click Add New Attribute to map additional user attributes for import - import users