Use case: Bulk import identities into ForgeRock Identity Cloud

Setup
, , , ,
#1

Use case overview

This use case demonstrates how to import identities into ForgeRock Identity Cloud from a CSV file. This is useful when you want to add a large number of identities to a role or assignment in a single operation.

Before you can import the identities, you’ll need to prepare a CSV file containing the identity profiles in the correct format.

Steps to achieve this use case

Prepare the CSV file

Prepare a CSV file with the identity profiles you want to import. The file must comply with this CSV template example:

"userName","givenName","sn","mail","description","accountStatus","telephoneNumber","postalAddress","city","postalCode","country","stateProvince",
"preferences/custom_loyalty","preferences/custom_security","preferences/marketing","preferences/updates"

For information on generating the CSV template file, see Import bulk data.

Other requirements for a successful CSV file import include:

  • Use commas as separators. Any other separator may cause errors.
  • Include the required attributes from the managed object schema in the CSV file.
  • Leave optional properties blank in the CSV file.

An example Excel file using the CSV file template will look similar to this:

uc_sample_bulk_csv
uc_sample_bulk_csv2668×1170 610 KB

Note that there are separate columns for “preferences/marketing” and “preferences/updates”, which are set using true and false values. These values determine, per record, whether or not the associated preference will be enabled during the bulk import.

NOTE: Imported accounts will require self-service password reset or pass-through authentication.

Bulk import identities from the CSV file

  1. Sign in to the Identity Cloud admin UI using your admin tenant URL, in the format https://<tenant-name>/am/XUI/?realm=/#/.

  2. Go to Identities > Import.

  3. Click New Import.

  4. Select Alpha realmUsers and click Next.

    uc_upload_csv_alpha_users
    uc_upload_csv_alpha_users717×629 51.5 KB

  5. Enter the name of the CSV file to upload, and choose a property Identity Cloud will use to match an entry in the CSV file to an identity profile. In this case, we’re using UserName.

    uc_upload_csv_identity_data
    uc_upload_csv_identity_data718×373 31.1 KB

  6. Click Next.

    When the import is complete, Identity Cloud displays the number of new, updated, unchanged, and failed imports.

    uc_csv_import_complete
    uc_csv_import_complete1080×700 67 KB

  7. Click Done.

View the imported identities

  1. In the Identity Cloud admin UI, go to Manage > Identities > Alpha realm - Users.

    The newly imported identities appear in the list.

    uc_imported_identities
    uc_imported_identities1260×1032 120 KB

  2. Click on a newly imported identity to view the details.

    uc_imported_user
    uc_imported_user931×803 81.9 KB

Additional resources

Documentation:

Training videos:

A comprehensive approach to CIAM vendor selection
ForgeRock Identity Cloud: Adding new users to an identity system
#2

@lucy.billington - This is very helpful. Along with these single valued attributes, the identities that I need to bulk import has ‘Company Number’ which is multivalued.

Is there any way - I can bulk import multivalued attribute of identities. is this even supported in Forgerock Identity cloud?

#3

Hi @tanu.garg,

It don’t think that the bulk import supports multivalued attributes as the generated CSV template does not include them. Also ‘Company Number’ is not defined in the ForgeRock Identity Cloud schema, so you’ll need to hold it in a generic purpose multivalued extension attribute (for example frUnindexedMultivalue1). Then configure a custom attribute - for example custom_companyNumber - as a string. This property is included in the CSV template. In the input CSV, for the custom_companyNumber column, serialise the array into a string which can be reverted back an to array (unless you know a better way to handle a multivalue field in a CSV column). Finally define an onUpdate/onCreate managed trigger which:

  • Parse the string to an array
  • Assign frUnindexedMultivalue1 with the array.

Regards
Patrick

#4

Dear Patrick @patrickdiligent ,

Thank you for your response and this was a really helpful idea.

I checked all the documentation but I could not find any sample code of how start writing the code in Managed object hooks.

frUnindexedString1 = custom_CompanyNumber (String Type) = “CH10,CH11,CH12”
frIndexedMultivalued1 = Array type = should result = [“CH10”,“CH11”,“CH12”]

Now, onUpdate hook → fetch value frUnindexedString1 and convert in Array and add in frIndexedMultivalued1

=======================

var companyNumStr = frUnindexedString1;
var temp = new Array();
temp = companyNumStr.split(/,/);
frIndexedMultivalued1 = temp;

The above code is a generic javascript code. Could you please help me to know how this code needs to be transformed in respect to Forgerock cloud mostly 1st and last line.

#5

Hi @tanu.garg,

Please refer to Script triggers defined in the managed object configuration :: IDM 7.3.0 regarding available variables in the script scope. The one that you are interested in is object which contains the content of object being created or updated.

So something like this?

if (object.frUnindexedString1 !== null) {
   object.frUnindexedMultivalued1 = object.frUnindexedString1.split(/,/);
}
1 Like