Javascript is actually
a good thing!
Make sure it's turned on
so that pingidentity.com can work properly.
Importing Users into PingOne for Customers | Ping Identity
Back to blog homepage icon Ping Identity Blog

Importing Users into PingOne for Customers

  •
  • Option One: PingOne for Customers Import Tool
  • Option Two: Integrate with PingDataSync
  • TL;DR
    • Back to top
    Back to blog homepage icon Ping Identity Blog

    Importing Users into PingOne for Customers

  •
  • Option One: PingOne for Customers Import Tool
  • Option Two: Integrate with PingDataSync
  • TL;DR
    • Back to top

    Importing Users into PingOne for Customers

    Jul 30, 2020
    -minute read
    Jason Hatchett

    Migrating users from a legacy identity system into a new one can seem daunting, enough so that many organizations may put off modernizing their identity platform. This is especially true for CIAM cases, where the number of users being transferred usually amounts to multiple orders of magnitude larger than traditional workforce directories.

     

    That’s why it’s our goal at Ping to make this process simple for our customers, especially in our identity-as-a-service (IDaaS) product. We realize that most companies aren’t starting with a brand new user base and need to import their customer identities from the original system of record. PingOne for Customers has two options for this that can help you accomplish this task, and understanding the differences between the two will help you know what will work best for your IDaaS implementation.

    Option One: PingOne for Customers Import Tool

    The first option to consider is the PingOne for Customers import tool found in the Ping Identity github repos. Originally constructed as a way to achieve quick time-to-value, it is the go-to solution when looking to get something done quickly and to begin evaluating the cloud software.

     

    The ease of this solution revolves around its ability to take a simple CSV file and load users directly from your computer to PingOne for Customers. It works by utilizing PingOne for Customer’s open API, allowing you to provide an environment and user population while the tool transfers identities to the cloud directory. The most you have to worry about is following the defined CSV format. If any of the data is formatted incorrectly, it creates an output file with the users it couldn’t load, allowing you to fix the problematic entries directly and then running the newly created CSV through the process again—ensuring no user from the original population is left out.

     

    There are some drawbacks to the method, though. The setup requires you to build a maven project (we’re looking into replacing this with a downloadable in the future). This allows for some customization for those with a bit of technical know-how who want to adapt the input format with custom attributes. For example, you might modify the source java code to look for custom attributes not included in the default template to match the custom attributes in PingOne directory. Another drawback is that this data import process is one-way, not allowing you to sync the PingOne for Customers directory with an external data store. That’s where our more advanced option comes in.

    Option Two: Integrate with PingDataSync

    The PingDataSync server is a standalone on-premises installation included for free with either a PingDirectory license or PingOne for Customers license. It acts as a high-capacity, high-reliability data synchronization and transfer pipe between source and destination topologies, and is all in all a power data synchronization tool.

     

    Compared to the previous option, this is a bit heavier regarding initial setup, as it requires installing additional Ping software—but it grants an abundance of extra features to help you with stricter data transfer requirements.

     

    Using PingDataSync, you need to configure a few items, such as the connections to both source and destination and which directions you want data to be synchronized in (or bi-directionally). You will also need to define a sync class, which defines the operation types and attributes that are synchronized, how different items are mapped, and how source and destination entries are correlated.

     

     

    Though this sounds like a lot to manage, it’s an extremely powerful tool with an intuitive interface. Not only can it help sync items to and from PingOne for Customers, but you can also connect to PingDirectory, Nokia Directory Server, Sun/Oracle Directory Server, Microsoft AD, and a few others. There is also the general SCIM support if your data source isn’t included. It should be noted that CSVs are not supported by this tool.

    TL;DR

    Moving all of your sensitive customer information to a new data store can be tricky, but there are great options available when using PingOne for Customers. Whether you’re doing a simple one-time migration or a constant sync with your existing data source, importing your users should be one less headache to deal with. But we encourage you to check out the related links to explore these options in further detail to make sure you’re making the right choice for your business. And sign up for a free trial to get started with PingOne for Customers!

     

    Related Links

    Share this Article:
    Related Resources
    What is Permissions Management?
    Permissions Management: A Developers' Perspective on Authorization
    Apr 15, 2024
    Permissions management is a way to better manage access to resources through user permissions. Read this blog for core use cases and best practices
    ForgeRock Software Release 7.5
    ForgeRock Software Release 7.5
    Apr 8, 2024
    The ForgeRock Software Release 7.5 empowers Ping Identity customers to elevate security, compliance, and developer/admin experiences

    Start Today

    Contact Sales

    sales@pingidentity.com

    +1 877-898-2905

    See how Ping can help you deliver secure employee and customer experiences in a rapidly evolving digital world.