지금 지원 담당자와 채팅
지원 담당자와 채팅

Starling Connect Hosted - One Identity Manager Administration Guide

About this guide One Identity Starling Connect overview One Identity Starling Supported cloud applications Working with connectors Connector versions Salesforce Facebook Workplace SAP Cloud Platform JIRA Server RSA Archer SuccessFactors AWS IAM ServiceNow Dropbox Crowd Atlassian JIRA Confluence Trello Box Pipedrive SuccessFactors HR NutShell Insightly Egnyte SugarCRM Oracle IDCS Statuspage Zendesk Sell Workbooks DocuSign Citrix ShareFile Zendesk Azure AD Google Workspace Concur Tableau GoToMeeting Coupa AWS Cognito Okta DataDog Hideez Opsgenie Informatica Cloud Services AppDynamics Marketo Workday HR OneLogin PingOne Aha! SAP Litmos HackerRank Slack ActiveCampaign Webex Apigee Databricks Hive PagerDuty Dayforce Smartsheet Pingboard SAP Cloud for Customer Azure Infrastructure Oracle Fusion Cloud Majesco LuccaHR OpenText JFrog Artifactory xMatters Discourse Testrail ChipSoft PingOne Platform Azure DevOps UKG PRO Atlassian Cloud Appendix: Creating a service account in Google Workspace Appendix: Setting a trial account on Salesforce Registering the application, providing necessary permissions, retrieving Client Id and Client Secret from the Azure AD tenant Generating a private key for service account in GoToMeeting Configuring AWS IAM connector to support entitlements for User and Group Configuring Box connector to support additional email IDs for users One Identity Manager E2E integration needs for Hideez connector Configuring custom attributes for ServiceNow v.1.0 Configuring custom attributes for Coupa v.1.0 Configuring custom attributes in connectors Disabling attributes Configuring a connector that uses the consent feature Synchronization and integration of Roles object type with One Identity Manager Synchronization and integration of Workspaces object type with One Identity Manager Synchronization and integration of Products object type with One Identity Manager User centric membership Creating multi-valued custom fields in One Identity Manager Synchronization and assignment of PermissionSets to Users with One Identity Manager Connectors that support password attribute in User object Connectors that do not support special characters in the object ID Creating an app for using SCIM on Slack Enterprise Grid Organization Creating a Webex integration application, providing necessary scopes, retrieving Client Id and Client Secret Retrieving the API key from Facebook Workplace Outbound IP addresses Values for customer-specific configuration parameters in Workday HR connector Initiate an OAuth connection to SuccessFactors Creating custom editable/upsertable attributes in Successfactors employee central Custom Foundation Objects in Successfactors HR connector Configuring additional datetime offset in connectors How to Create custom attribute for Users in SuccessFactors portal SAP Cloud for Customer - Steps to add custom fields at One Identity Manager attributes Creating a Service Principal for the Azure Infrastructure Connector Workday permissions needed to integrate via the Starling Connector Configuring integration application in DocuSign Creating integration Connect Client in Coupa Retrieving Azure DevOps Personal Access Token (PAT) Setup integration system and field override service in Workday Retrieving Atlassian Cloud API Key and Directory ID

User and Group mapping

Atlassian JIRA Confluence is a connector that links Atlassian software with Jira software. It gives teams the ability to manage projects and track development efforts in the cloud.

NOTE: AtlassianJC supports the Jira software and Confluence

Supervisor configuration parameters

To configure the connector, following parameters are required:

  • Connector Name

  • Username

  • API Key

  • SCIM URL (Cloud application's instance URL used as targetURI in payload)

Supported objects and operations

Users

Table 64: Supported operations for Users

Operation

VERB

Create

POST

Delete

DELETE

Get All Users

GET

Get (Id)

GET

Get All Users with pagination GET

Groups

Table 65: Supported operations for Groups

Operation

VERB

Create

POST

Update

PUT

Delete

DELETE

Get All Groups

GET

Get (Id)

GET

Mandatory fields

Users

  • DisplayName
  • Email Id

Groups

  • DisplayName

The user and group mapping is listed in the table below.

Table 66: User mapping
SCIM parameter Atlassian JIRA Confluence parameter
Id accountId
userName emailAddress
password password
Name.Formatted displayName
DisplayName displayName
email.value emailAddress
Active active
Timezone timeZone
Locale locale
Groups.Value name
Table 67: Group mapping
SCIM parameter Atlassian JIRA Confluence parameter
Id name
DisplayName name
members.value accountId
members.display displayName

Connector limitations

  • Cloud application does not support the Created date and Modified date.
  • Timezone, Active, and Locale are readonly fields.

  • Cloud application does not support the PUT operation for User objects.

  • While trying to create a duplicate user, the cloud application returns an error with the status code 201. But the existing user is retrieved as the result.

  • The Stride application is no longer part of Atlassian.

  • Cloud application does not supports the Get All groups with pagination operation.

  • The cloud application attributes for the cloud API URL is case-sensitive.

Connector limitations

Atlassian JIRA Confluence is a connector that links Atlassian software with Jira software. It gives teams the ability to manage projects and track development efforts in the cloud.

NOTE: AtlassianJC supports the Jira software and Confluence

Supervisor configuration parameters

To configure the connector, following parameters are required:

  • Connector Name

  • Username

  • API Key

  • SCIM URL (Cloud application's instance URL used as targetURI in payload)

Supported objects and operations

Users

Table 64: Supported operations for Users

Operation

VERB

Create

POST

Delete

DELETE

Get All Users

GET

Get (Id)

GET

Get All Users with pagination GET

Groups

Table 65: Supported operations for Groups

Operation

VERB

Create

POST

Update

PUT

Delete

DELETE

Get All Groups

GET

Get (Id)

GET

Mandatory fields

Users

  • DisplayName
  • Email Id

Groups

  • DisplayName

User and Group mapping

The user and group mapping is listed in the table below.

Table 66: User mapping
SCIM parameter Atlassian JIRA Confluence parameter
Id accountId
userName emailAddress
password password
Name.Formatted displayName
DisplayName displayName
email.value emailAddress
Active active
Timezone timeZone
Locale locale
Groups.Value name
Table 67: Group mapping
SCIM parameter Atlassian JIRA Confluence parameter
Id name
DisplayName name
members.value accountId
members.display displayName
  • Cloud application does not support the Created date and Modified date.
  • Timezone, Active, and Locale are readonly fields.

  • Cloud application does not support the PUT operation for User objects.

  • While trying to create a duplicate user, the cloud application returns an error with the status code 201. But the existing user is retrieved as the result.

  • The Stride application is no longer part of Atlassian.

  • Cloud application does not supports the Get All groups with pagination operation.

  • The cloud application attributes for the cloud API URL is case-sensitive.

Trello

Trello is a web-based project organizer with both free and paid services. Users can create projects, with room to add comments, additional information, and attachments.

Supervisor configuration parameters

To configure the connector, following parameters are required:

  • Connector Name

  • API Key for the cloud account
  • Access token for the cloud account

Supported objects and operations

Users

Table 68: Supported operations and objects for Users

Operation

VERB

Get (Id) GET

Get all users

GET

Groups

Table 69: Supported operations and objects for Groups

Operation

VERB

Create POST
Update PUT
Delete DELETE
Get (Id) GET
Get all groups GET

Mandatory fields

Groups

  • displayName

User and Group mapping

The user and group mappings are listed in the tables below.

Table 70: User mapping
SCIM parameter Trello parameter
id id
userName username
name.formatted fullName
displayName fullName
emails[0].value email
active confirmed
groups[].value
organizations[].id
boards[].id
groups[].display
organizations[].displayName
boards[].name

 

Table 71: Group mapping
SCIM parameter Trello parameter
id id
displayName
organization.displayName
board.name
extension.description
organization.desc
board.desc
extension.name organization.name
extension.organizationId board.idOrganization

members[].value

members[].id

members[].display

members[].fullName

Connector limitations

  • The Created and LastModified dates are not supported for Users and Groups.

  • Pagination is not supported for getting Users and Groups.

  • Invalid Target URL throws the following status code and message:

    • Code: 500
    • Message: There was an issue processing this request error
  • Create, Update and Delete operations are not supported for Users.

  • When a group of the type board created without associating any organization or team, users can not be added to this board (group). Only the user whose credentials are used to create the board can be added.

  • As there is no concept of users under an account under Trello, the get users operation is achieved by retrieving members of the groups (organizations and boards) to which the user (whose credentials are used for authorizing the API requests) has access.

  • As there are no APIs to retrieve all users or groups, it is required to use /search API by setting the query with characters from [a-z] and [0-9]. This introduces a drop in performance.

  • Both organizations and boards of Trello are considered as groups in the connector. Boards can be associated with organizations but organizations cannot be associated with boards.

  • A board cannot be added under organization via group membership operations. Instead, board can be associated with the organization by providing the organization id while performing create or update operation.

  • While performing the group membership operation, removal of membership of a user, whose credentials are used for the authorization of the connector, from the group (organization or board) , will not be carried out because after removing membership, any operation on that particular group cannot be performed with these credentials, as the user is unauthorized.

  • While performing group membership operation, removal of the membership of a user who is the only admin of the group (organization or board), is not possible as the group requires at least one admin.

  • Group update or deletion of a group (organization or board) is not possible if the user whose credentials are used to authorize the connector is not the admin of the particular group.

  • All users would be added as normal users for group membership management operations.

  • While performing the update of an organization (group) with the short name and invalid id, Trello initially checks for the uniqueness of the short name and then checks for the existence of the id.

  • All group memberships are of the users type.

  • A board can only be associated with a single organization. Disassociation of a board from organization is not possible. Hence, the group membership does not support addition or removal of boards as a member of the organization.

    IMPORTANT: Please note the important points below:

    • If the Organization short name is available, it has to be unique.

    • While creating a group (of type either organization or board), the user will be a member of the group by default, whose credentials are used for the connector authorization.

    • The type property will not be returned as a group response. To differentiate the group type, the id of the group will be appended with @o or @b for organization type or board type respectively.

    • While creating a group, it is necessary to provide a property type in group extension to differentiate the type of the group (organization or board) that is created. The type property takes values o or b for organization and board respectively. If the type is not provided, it will be assumed as o.

Supervisor configuration parameters

Trello is a web-based project organizer with both free and paid services. Users can create projects, with room to add comments, additional information, and attachments.

To configure the connector, following parameters are required:

  • Connector Name

  • API Key for the cloud account
  • Access token for the cloud account

Supported objects and operations

Users

Table 68: Supported operations and objects for Users

Operation

VERB

Get (Id) GET

Get all users

GET

Groups

Table 69: Supported operations and objects for Groups

Operation

VERB

Create POST
Update PUT
Delete DELETE
Get (Id) GET
Get all groups GET

Mandatory fields

Groups

  • displayName

User and Group mapping

The user and group mappings are listed in the tables below.

Table 70: User mapping
SCIM parameter Trello parameter
id id
userName username
name.formatted fullName
displayName fullName
emails[0].value email
active confirmed
groups[].value
organizations[].id
boards[].id
groups[].display
organizations[].displayName
boards[].name

 

Table 71: Group mapping
SCIM parameter Trello parameter
id id
displayName
organization.displayName
board.name
extension.description
organization.desc
board.desc
extension.name organization.name
extension.organizationId board.idOrganization

members[].value

members[].id

members[].display

members[].fullName

Connector limitations

  • The Created and LastModified dates are not supported for Users and Groups.

  • Pagination is not supported for getting Users and Groups.

  • Invalid Target URL throws the following status code and message:

    • Code: 500
    • Message: There was an issue processing this request error
  • Create, Update and Delete operations are not supported for Users.

  • When a group of the type board created without associating any organization or team, users can not be added to this board (group). Only the user whose credentials are used to create the board can be added.

  • As there is no concept of users under an account under Trello, the get users operation is achieved by retrieving members of the groups (organizations and boards) to which the user (whose credentials are used for authorizing the API requests) has access.

  • As there are no APIs to retrieve all users or groups, it is required to use /search API by setting the query with characters from [a-z] and [0-9]. This introduces a drop in performance.

  • Both organizations and boards of Trello are considered as groups in the connector. Boards can be associated with organizations but organizations cannot be associated with boards.

  • A board cannot be added under organization via group membership operations. Instead, board can be associated with the organization by providing the organization id while performing create or update operation.

  • While performing the group membership operation, removal of membership of a user, whose credentials are used for the authorization of the connector, from the group (organization or board) , will not be carried out because after removing membership, any operation on that particular group cannot be performed with these credentials, as the user is unauthorized.

  • While performing group membership operation, removal of the membership of a user who is the only admin of the group (organization or board), is not possible as the group requires at least one admin.

  • Group update or deletion of a group (organization or board) is not possible if the user whose credentials are used to authorize the connector is not the admin of the particular group.

  • All users would be added as normal users for group membership management operations.

  • While performing the update of an organization (group) with the short name and invalid id, Trello initially checks for the uniqueness of the short name and then checks for the existence of the id.

  • All group memberships are of the users type.

  • A board can only be associated with a single organization. Disassociation of a board from organization is not possible. Hence, the group membership does not support addition or removal of boards as a member of the organization.

    IMPORTANT: Please note the important points below:

    • If the Organization short name is available, it has to be unique.

    • While creating a group (of type either organization or board), the user will be a member of the group by default, whose credentials are used for the connector authorization.

    • The type property will not be returned as a group response. To differentiate the group type, the id of the group will be appended with @o or @b for organization type or board type respectively.

    • While creating a group, it is necessary to provide a property type in group extension to differentiate the type of the group (organization or board) that is created. The type property takes values o or b for organization and board respectively. If the type is not provided, it will be assumed as o.

관련 문서

The document was helpful.

평가 결과 선택

I easily found the information I needed.

평가 결과 선택