Page tree
Skip to end of metadata
Go to start of metadata

The Env Organizational Identity Source Plugin is designed to pull attributes from environment variables, generally populated by web server authentication modules.

Modes

Org Identity Source ModeSupport
Manual Search and LinkingNot supported
Enrollment, AuthenticatedSupported
Enrollment, ClaimNot supported
Enrollment, SearchNot supported
Enrollment, SelectNot supported
Org Identity Sync ModeSupport
FullNot supported
QueryNot supported
UpdateNot supported
ManualNot supported

Configuration

Each environment variable must be mapped to the appropriate data element to populate using the value made available in that variable.

  • An environment variable must be mapped to Identifier (System of Record ID), which will serve as the unique key for the record.
  • In order for an identifier to be used for login to Registry, the Login box must be ticked for that identifier in the configuration.
    • (warning) The System of Record ID is not intended to be a login identifier, since it is a unique, persistent key. To use an identifier as both a System of Record ID and a login identifier, populate it into both the Identifier (System of Record ID) field as well as another Identifier field, such as Network or ePPN.
  • As a valid Organizational Identity requires a Primary Name, the environment variables should collect a name from the external identity provider in order for an Organizational Identity to be created. If the environment variable mapped to Given Name (Official) is empty the value of the environment variable mapped to Identifier (System of Record ID) will be used. If the environment variable mapped to Family Name (Official) is empty the value from the localization text pl.envsource.name.unknown is used (the localization texts for the plugin are found in the Lib/lang.php file under Plugin/EnvSource).
  • (warning) Be sure to click Save when presented the initial configuration page, even if accepting the default environment variable names presented.


You may need to adjust the configuration of your web server authentication module, e.g. the Shibboleth SP, to ensure that the attributes for the authenticated user are put into the environment so that they can be consumed by Env Source. You may want to review the section "Integrate Web Server Authentication" at Registry Installation - Source.

See Also

  • No labels