For most WordPress sites using the miniOrange SCIM Provisioning plugin, you only need three basic attributes: Username (userName), Email (emails.value), and Active Status (active). These make sure each user is easy to identify, can be contacted, and can be enabled or disabled correctly in the target application.
This image shows the attribute mapping configuration for provisioning in Microsoft Azure EntraID. The setup differs from how attribute mapping is configured in other IdPs.
Why is userName Required?
The userName attribute is required because it uniquely identifies each user in the target system. Without it, the system cannot know which account to create, update, or manage. The SCIM standard marks this attribute as mandatory to keep user data consistent across platforms. It serves as the main reference point that allows provisioning systems to manage accounts accurately and avoid duplication or errors.
Why is the Email Attribute Necessary?
The email attribute (emails.value) is important because it is often used for communication and login. Many applications also treat email as a backup way to identify users, and it helps keep information consistent across different systems. To make sure everything works smoothly, it is best to mark the email as the primary attribute.
What is the Purpose of the Active Attribute?
The active attribute determines whether a user account is:
- Enabled (true) → User can access the application.
- Disabled (false) → User access is revoked.
This is essential for lifecycle management, especially for deprovisioning users.
If you have any questions or need assistance, please reach out at samlsupport@xecurify.com.
