How does directory sync work in practice?
Directory sync is responsible for provisioning, de-provisioning and updating your users on Progression based on the settings in your identity provider (IDP)
When a user is created in your IDP and granted access to the Progression in your IDP, they will be automatically created in Progression.
Note: they currently do not receive email notification that an account has been created.
When a user has access to Progression removed in your IDP, they will be archived in Progression. A user could have access removed in the IDP through being removed from an access group, removed from the organisation or being deleted.
If the user is subsequently granted access to Progression, their account will be transitioned from archived to active.
When a user's details are updated in the IDP, they will be updated in Progression. We currently sync the following attributes:
- First name
- Second name
- Manager (where manager is supplied as an email address which matches a Progression user in your organisation)
- This is generally mapped to the field manager
- Team (where the team name in the IDP matches a team in your organisation)
- This is generally mapped to the field department
- Position (where the position name in the IDP matches a position in the user's team)
- This is generally mapped to the field title