지금 지원 담당자와 채팅
지원 담당자와 채팅

Starling Connect Hosted - One Identity Manager Administration Guide

About this guide One Identity Starling Connect overview One Identity Starling Supported cloud applications Working with connectors Connector versions Salesforce Facebook Workplace SAP Cloud Platform JIRA Server RSA Archer SuccessFactors AWS IAM ServiceNow Dropbox Crowd Atlassian JIRA Confluence Trello Box Pipedrive SuccessFactors HR NutShell Insightly Egnyte SugarCRM Oracle IDCS Statuspage Zendesk Sell Workbooks DocuSign Citrix ShareFile Zendesk Azure AD Google Workspace Concur Tableau GoToMeeting Coupa AWS Cognito Okta DataDog Hideez Opsgenie Informatica Cloud Services AppDynamics Marketo Workday HR OneLogin PingOne Aha! SAP Litmos HackerRank Slack ActiveCampaign Webex Apigee Databricks Hive PagerDuty Dayforce Smartsheet Pingboard SAP Cloud for Customer Azure Infrastructure Oracle Fusion Cloud Majesco LuccaHR OpenText JFrog Artifactory xMatters Discourse Testrail ChipSoft PingOne Platform Azure DevOps UKG PRO Atlassian Cloud Appendix: Creating a service account in Google Workspace Appendix: Setting a trial account on Salesforce Registering the application, providing necessary permissions, retrieving Client Id and Client Secret from the Azure AD tenant Generating a private key for service account in GoToMeeting Configuring AWS IAM connector to support entitlements for User and Group Configuring Box connector to support additional email IDs for users One Identity Manager E2E integration needs for Hideez connector Configuring custom attributes for ServiceNow v.1.0 Configuring custom attributes for Coupa v.1.0 Configuring custom attributes in connectors Disabling attributes Configuring a connector that uses the consent feature Synchronization and integration of Roles object type with One Identity Manager Synchronization and integration of Workspaces object type with One Identity Manager Synchronization and integration of Products object type with One Identity Manager User centric membership Creating multi-valued custom fields in One Identity Manager Synchronization and assignment of PermissionSets to Users with One Identity Manager Connectors that support password attribute in User object Connectors that do not support special characters in the object ID Creating an app for using SCIM on Slack Enterprise Grid Organization Creating a Webex integration application, providing necessary scopes, retrieving Client Id and Client Secret Retrieving the API key from Facebook Workplace Outbound IP addresses Values for customer-specific configuration parameters in Workday HR connector Initiate an OAuth connection to SuccessFactors Creating custom editable/upsertable attributes in Successfactors employee central Custom Foundation Objects in Successfactors HR connector Configuring additional datetime offset in connectors How to Create custom attribute for Users in SuccessFactors portal SAP Cloud for Customer - Steps to add custom fields at One Identity Manager attributes Creating a Service Principal for the Azure Infrastructure Connector Workday permissions needed to integrate via the Starling Connector Configuring integration application in DocuSign Creating integration Connect Client in Coupa Retrieving Azure DevOps Personal Access Token (PAT) Setup integration system and field override service in Workday Retrieving Atlassian Cloud API Key and Directory ID

Configuring custom attributes for ServiceNow v.1.0

ServiceNow is a service management platform that can be used for many different business units, including IT, human resources, facilities, and field services.

ServiceNow connectors are available for use with One Identity Safeguard for Privileged Passwords.

Supervisor configuration parameters for ServiceNow v.1.0

To configure the connector, following parameters are required:

  • Connector name

  • Username for the cloud account

  • Password for the cloud account

  • Custom Properties (List of custom properties, if any, to be mapped)
    For more information, see Configuring custom attributes for ServiceNow v.1.0.

  • SCIM URL (Cloud application's REST API's base URL)

You can configure custom attributes for the ServiceNow v.1.0 connector when you configure the connector in Starling Connect by adding the custom attributes in the Custom Properties field in the defined format.

NOTE:For more information about how to configure custom attributes in ServiceNow v.1.0 , see Configuring custom attributes for ServiceNow v.1.0.

Supervisor configuration parameters for ServiceNow v.2.0

To configure the connector, following parameters are required:

  • Connector name

  • Username for the cloud account

  • Password for the cloud account

  • SCIM URL (Cloud application's REST API's base URL)

Configuring custom attributes for ServiceNow v.2.0

You can configure custom attributes for the ServiceNow v.2.0 SCIM connector in Starling Connect for Users, Groups and Roles in the Custom Attributes section in Schema Configuration.

NOTE:

  • For more information about how to configure custom attributes in ServiceNowv.2.0, see Configuring custom attributes in connectors.
  • As the ServiceNow target system does not support disabling of attributes, the ServiceNow connector is enhanced only to support the configuration of custom attributes in the SCIM connector.

  • If a custom attribute is a complex attribute, then you must enter it in the following format in Starling Connect:

    <custom_attribute>$$<nested_attribute>.

    For example,

    "parent": {

    "link": "https://dev60043.service-now.com/api/now/table/sys_user_group/b85d44954a3623120004689b2d5dd60a",

    "value": "b85d44954a3623120004689b2d5dd60a"

    }

    you must enter as parent$$value in Starling Connect.

  • The connector supports single level of navigation only.

Supported objects and operations

Users
Table 50: Supported operations for Users

Operation

VERB

Create

POST

Update

PUT

Delete

DELETE

Get all users

GET

Get (Id)

GET

Pagination GET
Groups
Table 51: Supported operations for Groups

Operation

VERB

Create

POST

Update

PUT

Delete 

DELETE

Get all groups

GET

Get (id)

GET

Get

GET

Pagination GET
Roles
Table 52: Supported operations for Roles

Operation

VERB

Get All Roles

GET

Get Role (Id)

GET

Mandatory fields

Users

  • Username

Groups

  • Group Name

User and Group mapping

The user and group mapping is listed in the table below.

Table 53: User mapping
SCIM parameter ServiceNow parameter
userName user_name
name.familyName last_name
name.givenName first_name
name.middleName middle_name
displayName name
emails[0].value email
addresses[0].streetAddress street
addresses[0].locality city
addresses[0].region state
addresses[0].postalCode zip
addresses[0].country country
phoneNumbers[0].value(type=work) phone
title title
preferredLanguage preferred_language
timeZone time_zone
active active
password user_password
roles.value {resource}.role.value
extension.organization company
extension.department department
extension.manager.value manager.value
extension.employeeNumber employee_number
id sys_id
groups.value {resource}.group.value

extension.lastLogon

last_login_time

PhoneNumbers[0].value(type=mobile)

mobile_phone

Table 54: Group mapping
SCIM parameter ServiceNow parameter
id sys_id
displayName name
members.value {resource}.user.value
extension.description description
extension.email email

extension.groupType

type

extension.manager.value

manager.value

Connector versions and features

The following subsections describe the different connector version(s) and features available with them.

Supported Versions

The supported versions of ServiceNow connector are:

  • v.1.0
  • v.2.0

NOTE: For more information, see Connector versions.

Connector limitations

  • ServiceProviderAuthority contains only the Id field with the value being same as the instance id of the ServiceNow instance, as there are no APIs to fetch the tenant details in ServiceNow.

  • If the department name and organization name is provided during user create or update operations, the user gets assigned to the department and organization if the department and organization with the same name exists in ServiceNow cloud application.

  • If the invalid manager id is used for user's manager fields while performing user create or update operations, ServiceNow does not display any error. Instead, it invalid id is returned as the manager id.

  • In the request, if there are invalid values for timezone, language, and so on, ServiceNow does not display any error. Instead, the fields with invalid values would be blank.

  • GET Roles operation might not fetch all the roles. Some roles must be retrieved based on ServiceNow Access Control List (ACL).

  • If an invalid role id is used for user create or update operation, no error is displayed. Instead, the same invalid id in the role list is returned.

  • If an invalid member id is used for group create or update, no error is displayed. Instead, the same invalid id as the member id is returned.

  • Create User operation with existing user details shows the status code as 403 instead 409. The status code and the status message cannot be interpreted.

Supervisor configuration parameters for ServiceNow v.2.0

ServiceNow is a service management platform that can be used for many different business units, including IT, human resources, facilities, and field services.

ServiceNow connectors are available for use with One Identity Safeguard for Privileged Passwords.

Supervisor configuration parameters for ServiceNow v.1.0

To configure the connector, following parameters are required:

  • Connector name

  • Username for the cloud account

  • Password for the cloud account

  • Custom Properties (List of custom properties, if any, to be mapped)
    For more information, see Configuring custom attributes for ServiceNow v.1.0.

  • SCIM URL (Cloud application's REST API's base URL)

Configuring custom attributes for ServiceNow v.1.0

You can configure custom attributes for the ServiceNow v.1.0 connector when you configure the connector in Starling Connect by adding the custom attributes in the Custom Properties field in the defined format.

NOTE:For more information about how to configure custom attributes in ServiceNow v.1.0 , see Configuring custom attributes for ServiceNow v.1.0.

To configure the connector, following parameters are required:

  • Connector name

  • Username for the cloud account

  • Password for the cloud account

  • SCIM URL (Cloud application's REST API's base URL)

Configuring custom attributes for ServiceNow v.2.0

You can configure custom attributes for the ServiceNow v.2.0 SCIM connector in Starling Connect for Users, Groups and Roles in the Custom Attributes section in Schema Configuration.

NOTE:

  • For more information about how to configure custom attributes in ServiceNowv.2.0, see Configuring custom attributes in connectors.
  • As the ServiceNow target system does not support disabling of attributes, the ServiceNow connector is enhanced only to support the configuration of custom attributes in the SCIM connector.

  • If a custom attribute is a complex attribute, then you must enter it in the following format in Starling Connect:

    <custom_attribute>$$<nested_attribute>.

    For example,

    "parent": {

    "link": "https://dev60043.service-now.com/api/now/table/sys_user_group/b85d44954a3623120004689b2d5dd60a",

    "value": "b85d44954a3623120004689b2d5dd60a"

    }

    you must enter as parent$$value in Starling Connect.

  • The connector supports single level of navigation only.

Supported objects and operations

Users
Table 50: Supported operations for Users

Operation

VERB

Create

POST

Update

PUT

Delete

DELETE

Get all users

GET

Get (Id)

GET

Pagination GET
Groups
Table 51: Supported operations for Groups

Operation

VERB

Create

POST

Update

PUT

Delete 

DELETE

Get all groups

GET

Get (id)

GET

Get

GET

Pagination GET
Roles
Table 52: Supported operations for Roles

Operation

VERB

Get All Roles

GET

Get Role (Id)

GET

Mandatory fields

Users

  • Username

Groups

  • Group Name

User and Group mapping

The user and group mapping is listed in the table below.

Table 53: User mapping
SCIM parameter ServiceNow parameter
userName user_name
name.familyName last_name
name.givenName first_name
name.middleName middle_name
displayName name
emails[0].value email
addresses[0].streetAddress street
addresses[0].locality city
addresses[0].region state
addresses[0].postalCode zip
addresses[0].country country
phoneNumbers[0].value(type=work) phone
title title
preferredLanguage preferred_language
timeZone time_zone
active active
password user_password
roles.value {resource}.role.value
extension.organization company
extension.department department
extension.manager.value manager.value
extension.employeeNumber employee_number
id sys_id
groups.value {resource}.group.value

extension.lastLogon

last_login_time

PhoneNumbers[0].value(type=mobile)

mobile_phone

Table 54: Group mapping
SCIM parameter ServiceNow parameter
id sys_id
displayName name
members.value {resource}.user.value
extension.description description
extension.email email

extension.groupType

type

extension.manager.value

manager.value

Connector versions and features

The following subsections describe the different connector version(s) and features available with them.

Supported Versions

The supported versions of ServiceNow connector are:

  • v.1.0
  • v.2.0

NOTE: For more information, see Connector versions.

Connector limitations

  • ServiceProviderAuthority contains only the Id field with the value being same as the instance id of the ServiceNow instance, as there are no APIs to fetch the tenant details in ServiceNow.

  • If the department name and organization name is provided during user create or update operations, the user gets assigned to the department and organization if the department and organization with the same name exists in ServiceNow cloud application.

  • If the invalid manager id is used for user's manager fields while performing user create or update operations, ServiceNow does not display any error. Instead, it invalid id is returned as the manager id.

  • In the request, if there are invalid values for timezone, language, and so on, ServiceNow does not display any error. Instead, the fields with invalid values would be blank.

  • GET Roles operation might not fetch all the roles. Some roles must be retrieved based on ServiceNow Access Control List (ACL).

  • If an invalid role id is used for user create or update operation, no error is displayed. Instead, the same invalid id in the role list is returned.

  • If an invalid member id is used for group create or update, no error is displayed. Instead, the same invalid id as the member id is returned.

  • Create User operation with existing user details shows the status code as 403 instead 409. The status code and the status message cannot be interpreted.

Configuring custom attributes for ServiceNow v.2.0

ServiceNow is a service management platform that can be used for many different business units, including IT, human resources, facilities, and field services.

ServiceNow connectors are available for use with One Identity Safeguard for Privileged Passwords.

Supervisor configuration parameters for ServiceNow v.1.0

To configure the connector, following parameters are required:

  • Connector name

  • Username for the cloud account

  • Password for the cloud account

  • Custom Properties (List of custom properties, if any, to be mapped)
    For more information, see Configuring custom attributes for ServiceNow v.1.0.

  • SCIM URL (Cloud application's REST API's base URL)

Configuring custom attributes for ServiceNow v.1.0

You can configure custom attributes for the ServiceNow v.1.0 connector when you configure the connector in Starling Connect by adding the custom attributes in the Custom Properties field in the defined format.

NOTE:For more information about how to configure custom attributes in ServiceNow v.1.0 , see Configuring custom attributes for ServiceNow v.1.0.

Supervisor configuration parameters for ServiceNow v.2.0

To configure the connector, following parameters are required:

  • Connector name

  • Username for the cloud account

  • Password for the cloud account

  • SCIM URL (Cloud application's REST API's base URL)

You can configure custom attributes for the ServiceNow v.2.0 SCIM connector in Starling Connect for Users, Groups and Roles in the Custom Attributes section in Schema Configuration.

NOTE:

  • For more information about how to configure custom attributes in ServiceNowv.2.0, see Configuring custom attributes in connectors.
  • As the ServiceNow target system does not support disabling of attributes, the ServiceNow connector is enhanced only to support the configuration of custom attributes in the SCIM connector.

  • If a custom attribute is a complex attribute, then you must enter it in the following format in Starling Connect:

    <custom_attribute>$$<nested_attribute>.

    For example,

    "parent": {

    "link": "https://dev60043.service-now.com/api/now/table/sys_user_group/b85d44954a3623120004689b2d5dd60a",

    "value": "b85d44954a3623120004689b2d5dd60a"

    }

    you must enter as parent$$value in Starling Connect.

  • The connector supports single level of navigation only.

Supported objects and operations

Users
Table 50: Supported operations for Users

Operation

VERB

Create

POST

Update

PUT

Delete

DELETE

Get all users

GET

Get (Id)

GET

Pagination GET
Groups
Table 51: Supported operations for Groups

Operation

VERB

Create

POST

Update

PUT

Delete 

DELETE

Get all groups

GET

Get (id)

GET

Get

GET

Pagination GET
Roles
Table 52: Supported operations for Roles

Operation

VERB

Get All Roles

GET

Get Role (Id)

GET

Mandatory fields

Users

  • Username

Groups

  • Group Name

User and Group mapping

The user and group mapping is listed in the table below.

Table 53: User mapping
SCIM parameter ServiceNow parameter
userName user_name
name.familyName last_name
name.givenName first_name
name.middleName middle_name
displayName name
emails[0].value email
addresses[0].streetAddress street
addresses[0].locality city
addresses[0].region state
addresses[0].postalCode zip
addresses[0].country country
phoneNumbers[0].value(type=work) phone
title title
preferredLanguage preferred_language
timeZone time_zone
active active
password user_password
roles.value {resource}.role.value
extension.organization company
extension.department department
extension.manager.value manager.value
extension.employeeNumber employee_number
id sys_id
groups.value {resource}.group.value

extension.lastLogon

last_login_time

PhoneNumbers[0].value(type=mobile)

mobile_phone

Table 54: Group mapping
SCIM parameter ServiceNow parameter
id sys_id
displayName name
members.value {resource}.user.value
extension.description description
extension.email email

extension.groupType

type

extension.manager.value

manager.value

Connector versions and features

The following subsections describe the different connector version(s) and features available with them.

Supported Versions

The supported versions of ServiceNow connector are:

  • v.1.0
  • v.2.0

NOTE: For more information, see Connector versions.

Connector limitations

  • ServiceProviderAuthority contains only the Id field with the value being same as the instance id of the ServiceNow instance, as there are no APIs to fetch the tenant details in ServiceNow.

  • If the department name and organization name is provided during user create or update operations, the user gets assigned to the department and organization if the department and organization with the same name exists in ServiceNow cloud application.

  • If the invalid manager id is used for user's manager fields while performing user create or update operations, ServiceNow does not display any error. Instead, it invalid id is returned as the manager id.

  • In the request, if there are invalid values for timezone, language, and so on, ServiceNow does not display any error. Instead, the fields with invalid values would be blank.

  • GET Roles operation might not fetch all the roles. Some roles must be retrieved based on ServiceNow Access Control List (ACL).

  • If an invalid role id is used for user create or update operation, no error is displayed. Instead, the same invalid id in the role list is returned.

  • If an invalid member id is used for group create or update, no error is displayed. Instead, the same invalid id as the member id is returned.

  • Create User operation with existing user details shows the status code as 403 instead 409. The status code and the status message cannot be interpreted.

Supported objects and operations

ServiceNow is a service management platform that can be used for many different business units, including IT, human resources, facilities, and field services.

ServiceNow connectors are available for use with One Identity Safeguard for Privileged Passwords.

Supervisor configuration parameters for ServiceNow v.1.0

To configure the connector, following parameters are required:

  • Connector name

  • Username for the cloud account

  • Password for the cloud account

  • Custom Properties (List of custom properties, if any, to be mapped)
    For more information, see Configuring custom attributes for ServiceNow v.1.0.

  • SCIM URL (Cloud application's REST API's base URL)

Configuring custom attributes for ServiceNow v.1.0

You can configure custom attributes for the ServiceNow v.1.0 connector when you configure the connector in Starling Connect by adding the custom attributes in the Custom Properties field in the defined format.

NOTE:For more information about how to configure custom attributes in ServiceNow v.1.0 , see Configuring custom attributes for ServiceNow v.1.0.

Supervisor configuration parameters for ServiceNow v.2.0

To configure the connector, following parameters are required:

  • Connector name

  • Username for the cloud account

  • Password for the cloud account

  • SCIM URL (Cloud application's REST API's base URL)

Configuring custom attributes for ServiceNow v.2.0

You can configure custom attributes for the ServiceNow v.2.0 SCIM connector in Starling Connect for Users, Groups and Roles in the Custom Attributes section in Schema Configuration.

NOTE:

  • For more information about how to configure custom attributes in ServiceNowv.2.0, see Configuring custom attributes in connectors.
  • As the ServiceNow target system does not support disabling of attributes, the ServiceNow connector is enhanced only to support the configuration of custom attributes in the SCIM connector.

  • If a custom attribute is a complex attribute, then you must enter it in the following format in Starling Connect:

    <custom_attribute>$$<nested_attribute>.

    For example,

    "parent": {

    "link": "https://dev60043.service-now.com/api/now/table/sys_user_group/b85d44954a3623120004689b2d5dd60a",

    "value": "b85d44954a3623120004689b2d5dd60a"

    }

    you must enter as parent$$value in Starling Connect.

  • The connector supports single level of navigation only.

Users
Table 50: Supported operations for Users

Operation

VERB

Create

POST

Update

PUT

Delete

DELETE

Get all users

GET

Get (Id)

GET

Pagination GET
Groups
Table 51: Supported operations for Groups

Operation

VERB

Create

POST

Update

PUT

Delete 

DELETE

Get all groups

GET

Get (id)

GET

Get

GET

Pagination GET
Roles
Table 52: Supported operations for Roles

Operation

VERB

Get All Roles

GET

Get Role (Id)

GET

Mandatory fields

Users

  • Username

Groups

  • Group Name

User and Group mapping

The user and group mapping is listed in the table below.

Table 53: User mapping
SCIM parameter ServiceNow parameter
userName user_name
name.familyName last_name
name.givenName first_name
name.middleName middle_name
displayName name
emails[0].value email
addresses[0].streetAddress street
addresses[0].locality city
addresses[0].region state
addresses[0].postalCode zip
addresses[0].country country
phoneNumbers[0].value(type=work) phone
title title
preferredLanguage preferred_language
timeZone time_zone
active active
password user_password
roles.value {resource}.role.value
extension.organization company
extension.department department
extension.manager.value manager.value
extension.employeeNumber employee_number
id sys_id
groups.value {resource}.group.value

extension.lastLogon

last_login_time

PhoneNumbers[0].value(type=mobile)

mobile_phone

Table 54: Group mapping
SCIM parameter ServiceNow parameter
id sys_id
displayName name
members.value {resource}.user.value
extension.description description
extension.email email

extension.groupType

type

extension.manager.value

manager.value

Connector versions and features

The following subsections describe the different connector version(s) and features available with them.

Supported Versions

The supported versions of ServiceNow connector are:

  • v.1.0
  • v.2.0

NOTE: For more information, see Connector versions.

Connector limitations

  • ServiceProviderAuthority contains only the Id field with the value being same as the instance id of the ServiceNow instance, as there are no APIs to fetch the tenant details in ServiceNow.

  • If the department name and organization name is provided during user create or update operations, the user gets assigned to the department and organization if the department and organization with the same name exists in ServiceNow cloud application.

  • If the invalid manager id is used for user's manager fields while performing user create or update operations, ServiceNow does not display any error. Instead, it invalid id is returned as the manager id.

  • In the request, if there are invalid values for timezone, language, and so on, ServiceNow does not display any error. Instead, the fields with invalid values would be blank.

  • GET Roles operation might not fetch all the roles. Some roles must be retrieved based on ServiceNow Access Control List (ACL).

  • If an invalid role id is used for user create or update operation, no error is displayed. Instead, the same invalid id in the role list is returned.

  • If an invalid member id is used for group create or update, no error is displayed. Instead, the same invalid id as the member id is returned.

  • Create User operation with existing user details shows the status code as 403 instead 409. The status code and the status message cannot be interpreted.

관련 문서

The document was helpful.

평가 결과 선택

I easily found the information I needed.

평가 결과 선택