You can synchronize organizations and accounts between IDaaS and applications. For more information, see Provision accounts and organizations.
IDaaS allows you to synchronize all IDaaS accounts to an application at one time. IDaaS can also send notifications on incremental changes.
Go to the Provisioning tab, turn on Synchronize IDaaS Users on Application, and configure the
Synchronization Scope parameter.
After you set the synchronization scope, the application can obtain the organization and account information of the specified IDaaS node.
Configure push settings
Go to the Provisioning tab in application.
Configure basic push parameters. The following table describes the parameters.
The organization that you want to synchronize. If you perform this operation by using API operations, you can synchronize only the data of the organization.
Alibaba Cloud IDaaS
Public Key Endpoint
The synchronization request contains a signature. The receiver needs to obtain the public key from IDaaS and verify the synchronization request.
Outbound IP Address
Add the outbound IP address of IDaaS to the whitelist of your application to ensure that IDaaS requests can be received as expected.
URL for Receiving Synchronization Requests
The URL that is used to receive the synchronization request.
This URL must follow the rules in the development guide and serve multiple purposes including connection testing, receiving accounts, and receiving organizations. For more information, see Push accounts from IDaaS in Development Guide.
If you select this option, service data is encrypted by using a key and then transmitted. When data needs to be transmitted over the Internet, we recommend that you select this option to ensure secure data transmission.
The parameter is cleared.
The key that is used to encrypt service data.
The key can be generated by IDaaS or entered manually.
If you select this option, plaintext passwords are passed in the data for a specific event. The events are:
If you select Service Data Encryption at the same time, passwords and service data are encrypted during transmission.
The parameter is cleared.
After you configure push settings, you can also subscribe to change events to receive push notifications when events occur.
IDaaS defines more than ten types of account and organization change events. The events are divided into incremental events and full change events. For more information, see Contacts events.
After the configuration is complete, you can perform the following operations when Synchronize IDaaS Users on Application is turned on.
Test Connectivityto verify that the connection is correct, the network access is stable, and the request can be processed as expected.
Synchronizeto initiate full synchronization.
To receive the event requests sent from IDaaS, you must complete the development procedures in Account synchronization overview.