Skip to end of metadata
Go to start of metadata

This feature is available in midPoint version 3.0 and later.

Identity Synchronization

Most traditional provisioning systems are limited to synchronization of users and accounts. It makes perfect sense because this is what Identity Management is mostly about. And this is also the way that early IDM systems (including early midpoint versions) supported. 

Generic Synchronization

The world has moved on and the capabilities of traditional Identity Management systems are not longer sufficient. Recent IDM deployments require ability to synchronize groups to roles, organizational units to groups, roles to ACLs and so on. Simply speaking the current IDM deployments require much more generic synchronization capabilities.

The midPoint development team anticipated this very early in the midPoint development process. Therefore midPoint architecture was designed to support much broader set of synchronization options than just user-account pair. However as we try really hard to keep midPoint development pragmatic we have started to develop and test midPoint on user-account pair. When we were happy with the code structure and stability of this synchronization mechanisms we have extended the mechanism to be much more generic and to allow synchronization of a broader sets of objects. And this is what we call "Generic Synchronization".

See Also

  • No labels