SASE uses an identity-driven approach to apply security policies. If your organization already uses WUYING Workspace to manage its organizational structure, you can connect the WUYING Workspace identity provider to SASE. This eliminates the need to recreate identity information for your employees. After connecting the identity provider, employees can sign in to the SASE App by using their existing corporate accounts. This topic describes how to connect to a WUYING Workspace identity provider.
Limitations
You can enable a maximum of five identity providers at a time. Only one of them can be a custom identity provider. If you reach this limit, you must disable an existing identity provider before you can enable a new one.
Configure WUYING Workspace identity provider
- Log in to the SASE console.
- In the left-side navigation pane, choose .
- On the Identity synchronization tab, click Create IdP.
- In the Create IdP panel, select EDS, and then click Configure. Follow the wizard to complete the configuration.
- In the Basic Configurations wizard, configure the following parameters and click Ok.
| Parameter | Description |
| --- | --- |
| IdP Name | Enter a name for the identity provider. |
| IdP Status | Configure the status for the identity source. The valid values are Enabled (the identity source is enabled after it is created) and Closed (the identity source is disabled after it is created). Important: If you disable an identity source, end users cannot use the SASE app to access internal applications. Proceed with caution. |
| EDS Workspace Account Configuration | Configure the Alibaba Cloud UID for WUYING Workspace. Click Add More to add a maximum of five UIDs. |
| Automatic Synchronization | If you enable Automatic Synchronization, the system automatically synchronizes information from WUYING Workspace based on the synchronization mode. If you do not enable Automatic Synchronization, you must manually synchronize the organizational structure. For more information, see View synchronization records. |
| Automatic Synchronization Cycle | Set the Automatic Synchronization Cycle. The interval can be set from 1 to 24 hours. |
View synchronization records
- On the Identity synchronization tab, find the identity source that you added and click Synchronize Records in the Actions column.
- On the Synchronize Records page, view the information synchronization records for the identity source.
- In the Synchronization Task section on the left, click a specific task to view its synchronization details in the list on the right.
- In the Actions column for a task, click Details to view the field information for the Third-party Data Source and SASE Data Source.
Manual synchronization
If you did not enable Automatic Synchronization when you configured the identity source, or if your directory structure has changed, you must synchronize the information manually. Click Create Synchronization Task and then click OK. After the synchronization task is complete, you can view the synchronization records.
After the synchronization is successful, you can view the synchronized organizational structure and user information on the tab. For more information, see Employee Center.
Disable automatic synchronization
- On the Identity synchronization tab, find the identity source that you added and turn off the switch in the Automatic Synchronization column.
- In the Edit IdP panel, turn off the automatic synchronization switch.
Edit WUYING Workspace identity provider
On the Identity synchronization page, find the relevant WUYING Workspace identity provider and click Edit in the Actions column to update its settings.
Disable WUYING Workspace identity provider
On the Identity synchronization page, find the relevant WUYING Workspace identity provider and turn off the switch in the IdP Status column.
Delete WUYING Workspace identity provider
On the Identity synchronization page, find the relevant WUYING Workspace identity provider and click Delete in the Actions column.
Related documents
Best practices
Configure user-defined identity provider
If your organization does not use any identity provider, you can use the custom identity provider offered by SASE to build your organizational structure. For more information, see Connect to a custom identity provider.
Connect to a third-party identity provider
If your organization already uses an identity provider such as LDAP, DingTalk, WeCom, Lark, or IDaaS to manage the organizational structure, you can connect the identity provider to SASE.
Configure user groups
If you need to create user groups outside your organizational structure, see User group management.