Identity Patterns with the WSO2 Identity Server
Provision federated users to a tenant

  • The business users need to login to multiple service providers via multiple identity providers. For example login to Drupal via Facebook or Yahoo! credentials. 
  • Irrespective of the service provider, need to provision federated users to a single tenant (let’s say, individual tenant).
  • Define a user store with CarbonRemoteUserStoreManager in the WSO2 Identity Server pointing to the individual tenant. 
  • Represent each federated identity provider in Identity Server. For example, represent Facebook as an identity provider in Identity Server. 
  • Enable JIT provisioning for each identity provider, and pick the user store domain(CarbonRemoteUserStoreManager) to provision users. 
  • Products: WSO2 Identity Server 5.0.0+