Skip to content


Using the Provisioning on Hire2Retire you can provision and deprovision users on StrongDM. Read the official documentation of StrongDM here.

StrongDM Application on Hire2Retire

Figure 1. StrongDM Application on Hire2Retire

Define Role Definition

Provisioning Type

Define Role(s)

You can assign a Role to any user based on their AD attributes. You can define complex conditions using AND and OR logic. You can also use thee Group memberships in AD to define Roles. The Roles are used to assign specific privileges and licenses in StrongDM. For Example: In Figure 2, the rules are defined on the basis of Department (Equals). If the rules are passed then only user(s) will get provisioned. If no rule passes and the user(s) is present in StrongDM then deprovisioning is performed for the user(s).

StrongDM ScimManager Table1

Figure 2. Provision users with following rule definitions

Process All Employees

All user(s) will be provisioned on StrongDM.

StrongDM Process All Employees

Figure 3. Process All Employees

Provision User

You can decide to either provision or deprovision using Provisioning.

You can provision one or more user(s) according to the requirement. User(s) can be created, updated or reactivated in provisioning operation. You can deprovision one or more user(s) according to the requirement. User(s) can be terminated in deprovisioning operation.

StrongDM Form Operations

Figure 4. Configure lifecycle operations for StrongDM

Map attributes on StrongDM

You can select the attributes provided by StrongDM that you want to populate. You can map values from AD/AzureAD/Hybrid to populate these attributes. You can also use Hire2Retire's powerful data transformation capabilities using Excel Style functions.

StrongDM Form Attributes

Figure 5. Select StrongDM attributes