10 Feb, 2010

WSO2 Cloud Identity for Managing User Accounts of your Organization

  • Dimuthu Leelarathne
  • Architect - WSO2

WSO2 Cloud Identity presents a next-generation way of managing the user accounts of an organization. It can provide a complete Identity Management solution for your organization and can also be viewed as online user storage. So why would you want to store the user accounts of your organization in WSO2 Cloud Identity?

  • Security - Security is the key requirement when storing user accounts. Availability is considered a part of security. WSO2 Cloud Identity stores user information securely and strives to be highly available. All passwords are stored digested together with a salt value.
  • Features - WSO2 Cloud Identity has a set of special features and offers a variety of services.
    • Manages user accounts/roles and permissions
    • Provides SSO using SAML with Google Apps
    • Issues OpenID/InfoCard for users
    • Manages the identity of users. The claims and profiles of users are customizable
  • Economy - WSO2 provides free trial accounts and does not charge setup fees, so managing accounts is easy for startups - no hardware cost or staffing cost. You can upgrade as the organization grows.
  • Usability - WSO2 Cloud Identity is user-friendly and its GUI is intuitive. It does not require an expert to manage user accounts. Self-help is available through the user guides, and articles like this one provide step-by-step guidance.

Creating an Organization in WSO2 Cloud Identity

Step 1 : Click on register organization. This takes you to a page that checks the availability of the domain name. If the domain name is available, you can confirm ownership by following the instructions given on the “domain ownership confirmation page”. However, if you decide to skip this, your domain name will be appended with a “-trial” suffix. Give the details of the domain and sign up the organization.

Note : By clicking on the ? sign in the top right-hand corner of each page, you can view the user guide, which provides more help.

Register Organization

Step 2 : Once you have created the organization, you can customize the look and feel of the WSO2 Cloud Identity product. You can provide the company logo and select from a range of available themes.

Creating user accounts in WSO2 Cloud Identity

You have created an organization. Now you need to enable other users to log in and experience all the features of WSO2 Cloud Identity.

Option 1 :

You can create user accounts for each user by going into User Management > Users > Add User. Follow the user guide for more help.

Option 2 :

You can also import users from existing user stores in bulk. You may be managing users in a relational database or an LDAP server. You can export the users to a comma-separated list (*.csv file) or to an Excel sheet (*.xls file) and import them into WSO2 Cloud Identity all at once. This version supports importing users from .csv files and Excel sheets. The process is outlined below.

Step 1 : Export users from the current user store into a .csv file or an Excel sheet (97/2000/XP versions). Refer to the documentation and tools available with your current user store for how to export users.

Many visual LDAP tools support exporting users in .csv format. Tools such as Apache Directory Studio, LDAP Admin Tool and Active Directory have step-by-step instructions on how to do it. An example of how to use the LDAP Admin Tool to export a .csv file is available here [1]. Values in relational databases can also be obtained in .csv/.xls formats.

The expected format of the CSV file is as follows. The first line of the CSV file is ignored, on the assumption that it is not a username.

Format of the CSV file

The expected format of an Excel sheet is as follows. The first line of the Excel sheet is ignored, on the assumption that it is not a username.

Format of the Excel sheet

Step 2 : Log in to WSO2 Cloud Identity as Organization Admin

Step 3 : Click on User Management > Users > Bulk Import users

Step 4 : Select the .csv/.xls file from the file browser

Step 5 : Give a default password for users and click OK. All the users in the .csv/.xls file will be created in WSO2 Cloud Identity with the default password you gave. They will be assigned to the everyone role.

Step 6 : Inform users to log in and change their password within 24 hours.

The default password of the imported users is valid only for 24 hours. As the system administrator, you can resolve issues with expired passwords by logging in as the Admin and changing the users' passwords on the User Management > Users page.
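Before uploading an export in Step 4, it is worth checking the file locally. The following is an added example, not part of WSO2 Cloud Identity: it drops credential columns that an LDAP export may carry, skips empty and duplicate usernames, and writes a username-only CSV with a header line. The username column position, the single-column output, the case-insensitive duplicate check and the attribute deny-list are assumptions.

```python
import csv
import io

# LDAP/AD attribute names that hold credential material (assumed deny-list).
SENSITIVE = {"userpassword", "unicodepwd", "sambantpassword", "sambalmpassword"}

def prepare_import(csv_text, username_column=0):
    """Return (clean_csv_text, problems) for an exported user list.

    Assumptions: usernames sit in `username_column`, and the first row is a
    header, which the importer ignores.
    """
    rows = list(csv.reader(io.StringIO(csv_text)))
    if not rows:
        return "", ["file is empty"]
    problems, usernames, seen = [], [], set()
    # Report credential columns; they never reach the output file.
    for name in rows[0]:
        if name.strip().lower() in SENSITIVE:
            problems.append(f"header: credential column '{name.strip()}' dropped")
    for lineno, row in enumerate(rows[1:], start=2):
        user = row[username_column].strip() if len(row) > username_column else ""
        if not user:
            problems.append(f"line {lineno}: empty username skipped")
        elif user.lower() in seen:  # case-insensitive match is an assumption
            problems.append(f"line {lineno}: duplicate username '{user}' skipped")
        else:
            seen.add(user.lower())
            usernames.append(user)
    out = io.StringIO()
    writer = csv.writer(out, lineterminator="\n")
    writer.writerow(["username"])  # header row, ignored on import
    writer.writerows([u] for u in usernames)
    return out.getvalue(), problems

# Constructed sample export (not real data).
SAMPLE = """uid,mail,userPassword
alice,alice@example.com,{SSHA}CONSTRUCTED
bob,bob@example.com,{SSHA}CONSTRUCTED
Alice,alice2@example.com,{SSHA}CONSTRUCTED
,nobody@example.com,
"""

if __name__ == "__main__":
    clean, issues = prepare_import(SAMPLE)
    print(clean)
    print("\n".join(issues))
```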

 [1] https://www.ldapsoft.com/exportdatafromldaptocsv.html

Author

Dimuthu Leelarathne, Technical Lead, WSO2 Inc., dimuthul AT wso2 DOT com.
