Customizing account attributes#

A user account is described by a set of attributes. Attribute values are formed in the following ways:

are read from connected attribute stores (see Connecting storage via LDAP);
are read from the Blitz Identity Provider database - the attribute is read and saved in the database if no attribute mapping is configured for the attribute in the connected attribute store.
are calculated from other attributes or filled with constant values. For example, you can compute the attribute “user domain” from the e-mail address or create a composite attribute “full name” from separate attributes with the last name, first name and patronymic of the user.

The configuration of attributes consists of:

configuring stored attributes, i.e., those maintained in connected repositories or in the Blitz Identity Provider database;
configuring computable attributes, i.e., those that must take a constant value or that are computed by rules.
configuring input value conversion rules that allow you to convert attribute values when they are changed (e.g., when they are edited by the user or during invoking of the corresponding API);
configuring output value conversion rules that allow to perform additional transformations with the computed attributes;
configuring attribute assignment - definition of the identifier in the system and attributes, responsible for mobile phone number, e-mail address.

Important

For Blitz Identity Provider to work correctly, at a minimum, the following configuration must be performed: