Overview
While Workplace allows you to manage accounts manually or in bulk by using a spreadsheet, we recommend that you automate your account management to have better control over your people. With an automated account management tool in place, a user account will be automatically created, updated or deactivated in Workplace when the account is created, updated or deactivated in your organization's user repository.
Workplace has an out of the box integration with the largest Cloud Identity Providers such as Azure AD, G Suite, Okta, OneLogin and PingFederate.
You can connect your Cloud Identity Provider by:
- Using a Workplace third-party integration (where the provisioning connector is hosted by the Identity Provider).
- Using Workplace Import (where the provisioning connector is hosted by Workplace).
In case that your organization uses a different central user repository, you can use the Account Management SCIM API to create your own custom account management tool.
Connect via Third Party Integration
Connect via Third Party IntegrationIn this section we cover how to connect Workplace with a Cloud Identity Provider that your organization manages by using a Workplace Third-Party Integration.
Prerequisites
To enable this configuration, the following is required:
- Your organization uses a Cloud Identity Provider that integrates with Workplace.
- You have integrated your master identity store (e.g., Microsoft Active Directory or Oracle Directory Server) with the Cloud Identity Provider to synchronize user accounts.
- A user in Workplace who has a role of System Administrator.
- Your users' email domains have been verified (recommended) or allow listed in Workplace.
Configure your Cloud Identity Provider
Given that each Cloud Identity Provider has created their own integration with Workplace, you'll need to follow their documentation in order to complete the provisioning process.
List of supported Cloud Identity Providers
Connect via Workplace Import
In this section we cover how to connect Workplace with a Cloud Identity Provider that your organization manages by using Workplace Import. Workplace Import support G Suite and Azure AD.
G Suite IntegrationG Suite Integration
If the users in your organisation are managed using G Suite, then using Workplace Import from G Suite is the right solution to add, update, and disable users in Workplace automatically.
Prerequisites
- To enable this configuration, the user that performs the configuration steps needs to be both a G Suite and a Workplace admin.
- Your users' email domains have been verified (recommended) or allow listed in Workplace.
Configure the G Suite Integration
For a successful setup make sure to follow the steps below:
email, externalID, firstName, lastName, fullName, manager, jobTitle, department, phoneNumber, location, isActive. Manage via Account Management API
In case you don't want to use one of the supported Cloud Identity Providers, you can build your own custom automated account management tool. Take a look at our Developer Documentation to see how you can create, update and deactivate users with the Account Management API.
