Integrate identity

You can configure user identity settings and synchronize user information from your directory in order to assign policies to users or groups.

The IAM > User and Groups page is where you will manage everything related to your domain, users, groups, and authentication. This is also where you perform certain individual user functions, such as selectively wiping users’ mobile devices. There are 4 main functions you can manage:

  1. Username Domains and Authentication: This is where you can add and provision the domains you wish to use with Forcepoint ONE SSE.

    You can provision as many email domains as you wish to add into the Forcepoint ONE SSE system. Every email domain that you wish to use within Forcepoint ONE SSE must be configured, along with a corresponding authentication type for users logging in with email addresses in that domain.

  2. Active Directory User Source: This is where you can setup synchronization with your AD system to use for provisioning and deprovisioning users into Forcepoint ONE SSE.
  3. Groups: Here you can create and manage local groups. Groups can be used for access control as well as policy actions. Groups synced from AD will appear here, but they cannot be adjusted or changed (all user/group provisioning must occur in AD).
  4. Users: Here is where you can add/manage local users in the Forcepoint ONE SSE system. Users synced from AD will also appear here, but their settings/attributes cannot be changed within Forcepoint ONE SSE (all user/group provisioning must occur in AD). You can also view user application activity history.
Note: Forcepoint ONE SSE also offers the ability to provision users via SCIM over OAuth. To learn how to setup and authorize SCIM for user provisioning, refer to Provisioning users using SCIM.