PingOne Advanced Identity Cloud

Plan for data object modeling

Learn more about the deployment process in Plan for Advanced Identity Cloud.

When preparing an PingOne Advanced Identity Cloud deployment, one of the most important phases of the planning process is data object modeling. Data object modeling is the process of creating an identity data model describing the data types, its structures, and its relationships that meet the business requirements of your company.

Successful deployment of Advanced Identity Cloud requires early and detailed consideration of the data object model. This applies as much to Advanced Identity Cloud as it does to a customer’s own deployment of the Ping Identity software.

A structured approach of discovery and rationalization creates a solid foundation for the implementation of the object model, and allows for evolution over time in line with business requirements.

Planning considerations for data object modeling

The key planning considerations for data object modeling are the following:

Item Description

User communities

Determine the different user communities the platform will serve, such as customers, business partners, and employees.

Entities

Determine the different entities and identities that make up each of these communities, such as end users, organizations, and devices.

Authentication and authorization requirements

Determine the information needed for each of these entities to support your authentication and authorization requirements.

Use Introduction to Authentication to understand authentication. Use Authorizations and policy decisions to understand authorization.

Combine the two together with Journeys.

Data organization

Determine how end user identities (or data) are organized and how the organization affects authentication and authorization.

Utilize realms, relationships, organizations, and groups to aggregate entities and identities into business units, standalone organizations, or families of users.

Identity mappings

Determine the specific identity mappings required for your applications. It is important to understand how identity information is created or updated in Advanced Identity Cloud and which information is managed externally.

The development of the new identity model should preserve the entities and attributes relevant to your business requirements while leaving behind the identity data relevant only internally to your organization.

Advanced Identity Cloud uses schemas and other techniques to provide a common and consistent way to manage new and existing data sources across your organization. Advanced Identity Cloud offers extensive flexibility for identity profiles and their associated business processes. However, the overall object model is relatively fixed, as expected of a Software as a Service (SaaS) delivery model. The data object modeling process therefore involves some level of adaptation for any pre-existing customer identity model. It is unlikely—​and often undesirable—​that the existing model can be implemented exactly as-is within Advanced Identity Cloud.

Learn more about the building blocks of the identity model in object modeling.

Copyright © 2010-2024 ForgeRock, all rights reserved.