Opal allows customers to ingest identities and their attributes from multiple IDP/HR systems. If your organization uses multiple IDPs, multiple HR systems, or you simply want to combine user metadata from disparate sources, you can simultaneously connect to each and rank priority on a per-attribute basis.

Adding additional providers

Before adding additional providers, you must first set them up as Apps in Opal.

Next, go to the Configuration section and navigate to Settings, then Identity and HR Integrations. Click + IDP/HRIS Connection to add another provider.

Importing attributes

Attributes from any connected provider can be imported as either:

• User Tags (custom attributes)
• Opal System Attributes (such as the user's Name, Manager, or Position)

User Tags (custom attributes) are linked to the IDP or HRIS provider they are imported from. The source provider for each user tag will be visible after import.

Handling system attribute conflict

Opal's built-in attributes, such as title, first name, last name, and manager, can be imported from any connected IDP or HRIS. These attributes are not directly tied to the originating provider, so you need to specify which provider takes precedence if a user is active in multiple systems. You can configure this priority in the Attribute Mapping tab.

Handling email changes

If a user's email changes in the IDP, Opal will update the user's email in Opal to match the new email in the connected system, while preserving all existing links with remote systems. Note: Updating the email in only some IDPs may cause unintended state drift. You can configure which IDP takes precedence for email changes in the Attribute Mapping tab.

Secondary emails

When multiple IDP/HRIS providers are configured, secondary emails imported from them will be merged for the corresponding user.