OpenIAM does not allow, by default, importing both users and the list entitlements in one process. You must first:

• Import your entitlements.
• Import users + their entitlements.

The importing entitlements section showed how to configure synchronization and import entitlements to OpenIAM, covering step one of the whole process. In this document, the issue of importing users + their entitlement memberships will be covered.

For automated application, meaning with available connectors, please review the connector documentation. Here, choose the respective connector you use from the list and find Synchronization section for it, which will help to configure your own synchronization process.

For those connectors that don't provide an integration option, you can import entitlements using a CSV file. To simplify this process, out-of-the-box templates have been provided.

Configuring synchronization

1. Go to webconsole -> Provisioning -> Synchronization

The synchronization page contains ready-made examples of synchronization for various objects. If you are new to OpenIAM, then please leverage these examples instead of creating a new configuration. The example template for users + entitlement memberships is called CSV USER Entitlements Sync Example. You can find it by entering its name in a search line in the synchronization page.

In case you want to configure synchronization from scratch, use the steps described in the document by this link.

Fill in the field as described in the referenced document except the value for Synchronization source has to be CSV file and for Synchronization object field the value is User.

Validation rule and Transformation rule fields require groovy scripts to be chosen. Sample validation script and transformation script for importing user and entitlements can be found by this link.

Upon fields completion, synchronization is ready to run.