
SCIM API User Synchronization - Creating a new internal user


Updated over 2 weeks ago

AssignmentPro supports identity synchronization using a user API service called SCIM2. Internal users can now be directly created in AssignmentPro through the SCIM API. This means that users will no longer have to be manually created in AssignmentPro by someone who has the appropriate security access rights, such as a Super User.


Every time a new user/identity is pushed to the specific client's corporate identity provider (IdP), a new user payload is generated by the IdP and sent through the SCIM API. Personal information such as first name, last name, email address, username and userType is shared and sent across.

When the SCIM service receives the request, the userType is used to identify which Template Table held on AssignmentPro is required in order to translate the userType into field values on the User Maintenance screen. A valid user is created from the configuration of the SCIM Payload and Configuration values obtained from the Template Table.

Configuration values on the Template Table can include but are not limited to the following fields:

  • Security Roles

  • All Assignment Rights

  • Auto Create Resource

  • Security Groups

If Auto Create Resource is set on the configuration, a new resource will be created for the user. However, if that resource cannot be created, the user will not be created either.

Generation of the UserId

By default, the UserId for users created through the SCIM API is First Name + "." + Last Name. If the UserId generated is not unique, a numeric string "01" is appended to the end of the generated UserId.

For example, two users: John A. Smith and John B. Smith will have the following generated UserIds:

John A. Smith - "John.Smith"

John B. Smith - "John.Smith01"

This is applied recursively as new users are created, even for UserIds that end in a numerical string.

Once the UserId is established, another check is performed where the UserId and the UserType are used together to see if there is a matching result in AssignmentPro.

For example, if John.Smith already exists in AssignmentPro as an employee and a John.Smith is then created as an Internal user, a new record for that user will be created even though both users have the same UserId "John.Smith".

If John.Smith as an Internal user already exists in AssignmentPro, SCIM returns an error code back to the IdP Endpoint (409 - The user already exists in the database).
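
An added example (not AssignmentPro code): a pre-flight check an identity team could run over SCIM User payloads before they are pushed, flagging the cases described above. The payload fields follow the SCIM 2.0 core User schema; the finding labels, the sample users and the `existing` set are constructed assumptions.

```python
from collections import defaultdict

SCIM_USER = "urn:ietf:params:scim:schemas:core:2.0:User"  # RFC 7643 core schema

def base_user_id(p):
    # Default pattern from the article: First Name + "." + Last Name
    return f'{p["name"]["givenName"]}.{p["name"]["familyName"]}'

def preflight(payloads, existing):
    """Return {userName: [findings]} for a batch of SCIM User payloads.

    existing: (UserId, UserType) pairs already in the target (constructed here).
    """
    findings, by_base = {}, defaultdict(list)
    for p in payloads:
        notes = findings.setdefault(p["userName"], [])
        if SCIM_USER not in p.get("schemas", []):
            notes.append("not-a-scim-core-user")
        elif p.get("userType") != "Internal":
            notes.append("not-created-usertype")  # only Internal users are created
        else:
            uid = base_user_id(p)
            by_base[uid].append(p["userName"])
            if (uid, "Internal") in existing:
                notes.append("existing-internal-match")  # article: 409 case
            elif any(e == uid for e, _ in existing):
                notes.append("userid-shared-across-types")  # separate record, same UserId
    for names in by_base.values():
        for later in names[1:]:
            findings[later].append("suffix-expected")  # non-unique UserId gets "01"
    return findings

def scim_user(user_name, given, family, user_type):
    # Helper for the constructed sample payloads below (hypothetical values).
    return {"schemas": [SCIM_USER], "userName": user_name, "userType": user_type,
            "name": {"givenName": given, "familyName": family},
            "emails": [{"value": f"{user_name}@example.com", "primary": True}]}

SAMPLE = [scim_user("jsmith.a", "John", "Smith", "Internal"),
          scim_user("jsmith.b", "John", "Smith", "Internal"),
          scim_user("mjones", "Mary", "Jones", "Contractor"),
          scim_user("apatel", "Anil", "Patel", "Internal"),
          scim_user("lchen", "Li", "Chen", "Internal")]
EXISTING = {("Anil.Patel", "Employee"), ("Li.Chen", "Internal")}

if __name__ == "__main__":
    for user, notes in preflight(SAMPLE, EXISTING).items():
        print(user, notes or ["ok"])
```

Identities flagged `userid-shared-across-types` are worth noting for access reviews, since the UserId alone does not identify a single record.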

Determining the UserId pattern

The UserId pattern can be defined as a system preference (UIDGENPATT) in power user mode and determines how the users will be named. The default pattern is: First Name.Last Name.

Note: After changing the system preference, a manual restart of IIS (Internet Information Services) is required for the change to take effect.


Providing newly created users with login credentials

Users created through SCIM who are not SSO users can be configured to receive, or not receive, email(s) containing the user name and password. The option to receive the username and password via email (similar to users created in AssignmentPro by an internal user) must be enabled via system preference EQEMLSSOUS - Email credential when creating non-sso User through SCIM API.


When set to "Yes", users will automatically receive their login credentials via email, which will honor the SCTWOEMAIL system preference setting. If SCTWOEMAIL is set to "Yes", two emails will be sent, one with the user name and the other with the password.

Things to note

  • Events are logged in the API_EVENT and API_EVENT_LOG tables

  • Only User Types = Internal are created
