To configure the SCIM2 API to be used, integration must be established on the client-side Identity Provider (IDP). This can be done by using built-in integration such as on AzureAD or OKTA, as well as through Data Integration Processes to integrate with non-native apps. |
Profile Templates are defined at a System level in AssignmentPro. The templates specifies a definition of a user without any PII data which includes at least the User Type, Security Role, Company Access and Resource creation. Once a profile is created, it can be selected when defining the Group template.
User's Security Rights
In order for a user to create a new Profile Template, the user's security role must have View, Edit and Add security rights to the User Profile screen.
Creating a User Profile
Using the Global Search feature, navigate to the User Profile screen at the system level and click
The User Profile screen displays four sections that will collapse or expand by clicking on the section bar:
Details
Name: The name of the Template
Inactive: By default, the checkbox is set inactive (ticked) when creating a new Template
Details: Additional details input for the user
Code: This field is populated with an automatically generated code upon saving the record
User Type: Defines the active type for the user when being added to a group with this profile linked to it. Select from:
<External Client>
<External Employee>
<Internal>
SSO User: By default, checkbox is unchecked
Has all Assignment Rights: Checkbox can only be ticked and valid for Internal User Type
Restrict Coordinators to their own assignments: Checkbox can only be ticked for Internal and External Client User Types
Resource Settings - to be used if the profile template for Internal and External Client User Types requires the creation of a resource
Create Resource: Resource creation is enabled when the checkbox is ticked
Role Association Default: Specifies the default rule regarding Role assignment for this resource
Exceptions: Contains the exceptions regarding the above Role Association Default default
Company Association Default: Defines the default rule regarding Company association for this resource
Exceptions: Contains the exceptions regarding the above Company Association Default default
Security Roles - defines the security role or roles when applying the profile template
Company Access - defines options for company access when using this User Profile
Default All Company Rights: Defines the default access for users using this profile template. This can only be enabled for Internal User Type and when enabled, users linked to it, will have access to all companies
Exceptions: Contains the exceptions regarding the above Company access ruling
Click
to save the user profile template record. A code is generated and populated in the Code field. This code can be used for the SCIM2 API to create users. All users created by referencing this code inherits all the template settings (User and Resource if used).
After saving the record, if the profile is saved with the Has Assignment Rights unchecked, a new tab is visible on the top screen called Security Rules.
Security settings for Company Segment Security, Special Security Group Security and Country Security are defined here. If Has Assignment Rights is checked, the Security Rules tab and these sections do not appear for configuration.
