Skip to main content

Integration Mechanisms

This section describes the technical pathways for integrating applications with PwC Identity including HR systems, Application Programming Interface (APIs) and Single Sign-On (SSO).

Integration with HR Systems for Internal User Data

Direct Identity Integration  

Enables centralised internal user lifecycle management, simplifying provisioning and deprovisioning via SailPoint IdentityIQ.

PMDM Integration  

Recommended only if PwC Identity cannot meet internal user data flow requirements as needed by application/business demand.

  • Requires additional co-ordination with People Master Data Management (PMDM) team(s).

API Integration Details

Group & User Management

> Two Approaches

Tactical: Co-existence with ForgeRock & Entra ID

Use the GUM API for integration for group & external user management.

Follow the documented GUM API Setup Guidelines setup guidelines, including endpoint configuration and data format specifications.

Strategic: Entra ID

Use the Graph API for managing group & external user management​.

💡 Moving from GUM API to Graph?

Review this guidance. For new integrations:


Microsoft Graph is the gateway to Microsoft 365 data and intelligence, with three main data access components:

  1. The Microsoft Graph API - a single endpoint, https://graph.microsoft.com, for REST APIs or SDKs to access Microsoft 365 data, manage user and device components, and build applications on M365 services such as Teams and SharePoint​

  2. Microsoft Graph connectors- bring external data (like Box, Google Drive, Jira, Salesforce) into Microsoft 365 apps to enhance experiences such as Microsoft Search.​

  3. Microsoft Graph Data Connect (Not Supported) - provides a set of tools to deliver MS Graph data.​

Refer to the Microsoft Graph API Usage Guidelines for implementation details.​


SSO Integration​

Single Sign-On (SSO): SSO is part of authentication services provided by PwC Identity. When authorizing the user, the user will not be prompted to authenticate on subsequent sites/applications, unless application has stricter controls around access. ​

Application Integration: Applications can use open federation standards (SAML, WsFed, OAuth2/OIDC) to integrate with PwC Identity and are recommended to use Microsoft Native Authentication Libraries (MSAL) to seamless integrate. MSAL provides pathways for various kind of applications (Java,.NET, Node, Python,etc).