Chat now with support
Chat mit Support

Starling Connect Identity Manager Integrated - Administration Guide

About this guide One Identity Starling Connect overview One Identity Starling Supported cloud applications Configuring connectors Connector versions Salesforce Facebook Workplace SAP Cloud Platform JIRA Server RSA Archer SuccessFactors Amazon S3 AWS ServiceNow Dropbox Crowd Atlassian JIRA Confluence Trello Box Pipedrive SuccessFactors HR NutShell Insightly Egnyte SugarCRM Oracle IDCS Statuspage Zendesk Sell Workbooks DocuSign Citrix ShareFile Zendesk Azure AD GSuite Concur Tableau GoToMeeting Coupa AWS Cognito Okta Creating a service account in GSuite Setting a trial account on Salesforce Working with Azure AD Generating a private key for service account in GoToMeeting OneIM limitations Configuring Amazon S3 AWS connector to support entitlements for User and Group Outbound IP addresses

Configuring connectors

Starling subscribers must register a connector for the required target cloud applications by providing the connection details. After successful registration, the connector can be used by SCIM clients such as One Identity Manager.

To configure a connector

  1. Sign in to the Starling service by navigating to https://connect.cloud.oneidentity.com/. Make sure that you are subscribed to the service or use a trial account.
  2. On the Services page, click View all services.

    The Connect service displays as part of the Services section.

    1. Click Trial .

      The Your Location dialog-box opens.

    1. Select the Country and State from the respective drop-down menus based on your location, and click Confirm.

      The Connect service appears as part of the My Services section.

    1. Click Connect.

      The One Identity Connect page with different connectors opens.

    1. From the Connectors section, select and click a connector that you want to configure.

      The Add Connector dialog box opens.

    1. Enter the required details in the Add Connector page and click Save.
    2. A dialog box with Connector Details (SCIM URL and Legacy SCIM Details) of the connector that was configured, opens.

      The configured connector becomes part of the My Connectors section.

    1. Navigate to the configured connector (My Connectors section). Click button that is located at the top-right corner of the configured connector tile.

      A list with four options is displayed.

    1. Select Copy legacy SCIM URL.

      NOTE: Note that the values mentioned below must be configured on SCIM Client (One Identity Manager).

      • SCIM Client ID

      • SCIM URL
      • SCIM Client Secret

      • SCIM Token Endpoint URL

For more information, see Connector versions.

Connector versions

Starling Connect versioning enables administrators to choose the desired version that a customer wants to be on. This enables backward compatibility for the changes done incrementally on the connectors. For example, if the target system APIs are updated or any authentication method is revised.

All the available versions that are available for the connector are displayed. V1.0 is the lowest available version for all the connectors. Also, the latest version is selected by default. Availability of new versions are notified with pop-up messages before and after configuring the connector. You can also change the version later.

Major versions include new features, enhancements, and changes at the target system whereas minor versions consist of bug fixes on the connector.

For more information, see Configuring connectors.

Salesforce

Salesforce offers a cloud-based customer relationship management (CRM) platform that lets users track sales, service, and marketing. It includes a social networking plug-in and analytical tools including email alerts, Google search functionality, and access to contracts.

To login to the Saleforce application, you must create a trail account. For more infomation, see Setting a trial account on Salesforce

Supervisor configuration parameters

To configure the connector, following parameters are required:

  • Connector Name

  • Client ID - Consumer key of the connected app under API. Enable OAuth Settings (Left Menu | Build | Create | Apps).
  • Client Secret - Consumer Secret of the connected app under API. Enable OAuth Settings (Left Menu | Build | Create | Apps).

  • Username

  • Password

  • Token URL - Salesforce's token URL (https://<saleforce_instance_url>/services/oauth2/token)

  • Grant Type : password

Supported objects and operations

Users
Table 4: Supported operations for Users

Operation

VERB

Create

POST

Update (id)

PUT

Delete (id)

DELETE

Get (id)

GET

Get 

GET

Pagination GET
Groups
Table 5: Supported operations for Groups

Operation

VERB

Create

POST

Update (id)

PUT

Delete  (id)

DELETE

Get (id)

GET

Get

GET

Pagination GET
Roles
Table 6: Supported operations for Roles

Operation

VERB

Get All Roles

GET

Get Role (Id)

GET

Profiles
Table 7: Supported operations for Profiles

Operation

VERB

Get All Profiles

GET

Get Profile (Id)

GET

Permission Sets
Table 8: Supported operations for Permission Sets

Operation

VERB

Get All PermissionSets

GET

Get All PermissionSets (Id)

GET

Mandatory fields

Users
  • Last Name
  • Email
  • Alias (Auto populated with the combination of First and/or Last name)
  • Username (Auto populated from email)
  • Nickname (Auto populated from email; takes the name before “@”)
  • Email Encoding
  • Locale Settings (Time Zone, Locale & Language)
  • Entitlements - ProfileId

Groups
  • Group Name

User and Group mapping

The user and group mapping is listed in the table below.

Table 9: User mapping
SCIM parameter Salesforce parameter
Id id
UserName Username
ExternalId FederationIdentifier
Name.GivenName FirstName
Name.FamilyName LastName
Name.Formatted Name
DisplayName Name
NickName CommunityNickname
Emails.Value Email
Photos.Value FullPhotoUrl
Addresses.StreetAddress Street
Addresses.Locality City
Addresses.Region State

Addresses.PostalCode

PostalCode

Addresses.Country

Country

PhoneNumbers.Values

Phone

UserType

UserType

Title

Title

PreferredLanguage

LanguageLocaleKey

Locale

LocaleSidKey

Timezone

TimeZoneSidKey

Active

IsActive

Groups[].value(OnDemand)

SalesforceGroups[].GroupId

Entitlements[].Value

Profile[].Id

Entitlements[].Display

Profile[].Name

Roles[].Value

UserRole[].Id

Roles[].Display

UserRole[].Name

Extension.PasswordLastSet

LastPasswordChangeDate

Extension.EmailEncoding

EmailEncodingKey

Extension.Organization

CompanyName

Extension.Division

Division

Extension.Department

Department

Extension.Description

AboutMe

Extension.Manager.Value

Manager.Id

Extension.Manager.DisplayName

Manager.Name

Extension.LastLogon

LastLoginDate

Extension.EmployeeNumber

EmployeeNumber

Extension.Alias

Alias

Extension.UserPermissionsMobileUser

UserPermissionsMobileUser

Extension.UserPermissionsSFContentUser

UserPermissionsSFContentUser

Extension.UserPermissionsKnowledgeUser

UserPermissionsKnowledgeUser

Extension.UserPermissionsOfflineUser

UserPermissionsOfflineUser

Extension.UserPermissionsMarketingUser

UserPermissionsMarketingUser

Extension.UserPermissionsCallCenterAutoLogin

UserPermissionsCallCenterAutoLogin

Extension.UserPermissionsInteractionUser

UserPermissionsInteractionUser

Extension.UserPermissionsSupportUser

UserPermissionsSupportUser

Extension.FullPhotoUrl

FullPhotoUrl

Meta.Created

CreatedDate

Meta.LastModified

LastModifiedDate

Table 10: Group mapping
SCIM parameter Salesforce parameter
Id Id
DisplayName Name
Members.value UserOrGroupId
Meta.Created CreatedDate
Meta.LastModified LastModifiedDate

 

Table 11: Role mapping
SCIM parameter Salesforce parameter
Id Id
DisplayName Name
Members[].value RoleMembers[].Id
Members[].display RoleMembers[].Name

Meta.Created

CreatedDate

Meta.LastModified LastModifiedDate

 

Table 12: Profile mapping
SCIM parameter Salesforce parameter
Id Id
DisplayName Name
Members[].value ProfileMembers[].Id
Members[].display ProfileMembers[].Name
Meta.Created CreatedDate

Meta.LastModified

LastModifiedDate

 

Table 13: Permission Sets mapping
SCIM parameter Salesforce parameter
Id ID
DisplayName Name
Members[].value PermissionSetMembers[].Id
Members[].display PermissionSetMembers[].Name
Meta.Created CreatedDate

Meta.LastModified

LastModifiedDate

 

Connector limitations

  • Even if the Count value is less than 2000, the resources are returned as 2000.
  • Currently, the connector supports only salesforce api version 41.0.

  • Salesforce does not display an error when you create Duplicate Groups. It returns the existing group information. A duplicate group will not be created.

  • Connector updates the count value of pagination property to 500 when it is more than 500. This is done to solve common validation error.

Facebook Workplace

Facebook Workplace is a collaborative business platform run by Facebook to help users communicate through groups, chat, and social networking in a corporate environment.

Supervisor configuration parameters

To configure the connector, following parameters are required:

  • Connector Name

  • API Key

Supported objects and operations

Users
Table 14: Supported operations and objects for Users

Operation

VERB

Create

POST

Update (Id)

PUT

Delete (Id) DELETE
Get (Id) GET
Get GET
Pagination GET
Groups
Table 15: Supported operations and objects for Groups

Operation

VERB

Create POST
Update (Id) PUT
Delete (Id) DELETE
Get (Id) GET
Get GET
Pagination GET

Mandatory fields

Users
  • User Name
  • Name (Formatted)
  • Active
Groups
  • Group Name

User and Group mapping

The user and group mappings are listed in the tables below.

Table 16: User mapping
SCIM parameter Facebook Workplace parameter
Id Id
UserName userName
Name.Formatted name.formatted
Name.GivenName name.givenName
Name.FamilyName name.familyName
Name.MiddleName name.middleName
Name.HonorificPrefix name.honorificPrefix
Name.HonorificSuffix name.honorificSuffix
DisplayName displayName
NickName nickName
UserType userType
Title title
PreferredLanguage preferredLanguage

Locale

locale

Timezone

timezone

Active

active

Emails

emails

Addresses

addresses

PhoneNumbers

phoneNumbers

Groups.value

Group.id

Groups.display

Group.name

Roles.Value

Role.Id

Extension.Organization

organization

Extension.Division

division

Extension.Department

department

Extension.Manager.Value

manager.managerId

Extension.EmployeeNumber

employeeNumber

Extension.CostCenter

costCenter

 

Table 17: Group mapping
SCIM Parameter Facebook Workplace parameter
Id Id
DisplayName Name
Members.value UserOrGroupId
Meta.Created CreatedDate
Meta.LastModified LastModifiedDate

Connector limitations

  • Removal of the last member of a group deletes the group automatically.
  • At least one user must be a member of a group to use it.
Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen