지금 지원 담당자와 채팅
지원 담당자와 채팅

Starling Connect Hosted - One Identity Manager Administration Guide

About this guide One Identity Starling Connect overview One Identity Starling Supported cloud applications Working with connectors Connector versions Salesforce Facebook Workplace SAP Cloud Platform JIRA Server RSA Archer SuccessFactors Amazon S3 AWS ServiceNow Dropbox Crowd Atlassian JIRA Confluence Trello Box Pipedrive SuccessFactors HR NutShell Insightly Egnyte SugarCRM Oracle IDCS Statuspage Zendesk Sell Workbooks DocuSign Citrix ShareFile Zendesk Azure AD Google Workspace Concur Tableau GoToMeeting Coupa AWS Cognito Okta DataDog Hideez Opsgenie Informatica Cloud Services AppDynamics Marketo Workday HR OneLogin PingOne Aha! SAP Litmos HackerRank Slack ActiveCampaign Webex Apigee Databricks Hive PagerDuty Dayforce Smartsheet Pingboard SAP Cloud for Customer Azure Infrastructure Oracle Fusion Cloud Majesco LuccaHR OpenText Appendix: Creating a service account in Google Workspace Appendix: Setting a trial account on Salesforce Registering the application, providing necessary permissions, retrieving Client Id and Client Secret from the Azure AD tenant Generating a private key for service account in GoToMeeting Configuring Amazon S3 AWS connector to support entitlements for User and Group Configuring Box connector to support additional email IDs for users One Identity Manager E2E integration needs for Hideez connector Configuring custom attributes for ServiceNow v.1.0 Configuring custom attributes for Coupa v.1.0 Configuring custom attributes in connectors Disabling attributes Configuring a connector that uses the consent feature Synchronization and integration of Roles object type with One Identity Manager Synchronization and integration of Workspaces object type with One Identity Manager Synchronization and integration of Products object type with One Identity Manager User centric membership Creating multi-valued custom fields in One Identity Manager Synchronization and assignment of PermissionSets to Users with One Identity Manager Connectors that support password attribute in User object Connectors that do not support special characters in the object ID Creating an app for using SCIM on Slack Enterprise Grid Organization Creating a Webex integration application, providing necessary scopes, retrieving Client Id and Client Secret Retrieving the API key from Facebook Workplace Outbound IP addresses Values for customer-specific configuration parameters in Workday HR connector Initiate an OAuth connection to SuccessFactors Creating custom editable/upsertable attributes in Successfactors employee central Custom Foundation Objects in Successfactors HR connector Configuring additional datetime offset in connectors How to Create custom attribute for Users in SuccessFactors portal SAP Cloud for Customer - Steps to add custom fields at One Identity Manager attributes Creating Service Principal to authenticate the Azure resource management REST APIs for Azure Infrastructure connector

User and Group mapping

The ActiveCampaign connector allows you to connect ActiveCampaign with One Identity Starling enabling you to take advantage of the features and products available with Starling Connect that complement and enhance ActiveCampaign’s wide range of marketing services and solutions.

Supervisor configuration parameters

To configure the connector, following parameters are required:

Supported objects and operations

Users

Table 295: Supported operations for Users

Operation

VERB

Create User

POST

Update User PUT
Delete User DELETE
Get User GET
Get All users GET

Groups

Table 296: Supported operations for Groups

Operation

VERB

Create Group POST
Update Group PUT
Get Group GET
Delete Group DELETE
Get Group Members GET
Get all Groups GET

Mandatory fields

This section lists the mandatory fields required to create Users and Groups.

Users

  • Name.GivenName

  • Name.FamilyName

  • Email

  • Username

  • password

  • GroupId

Groups

DisplayName

The user and group mappings are listed in the tables below.

Users

Table 297: User mapping
SCIM parameter ActiveCampaign parameter
Id id
UserName username
DisplayName firstName+ lastName
Name.GivenName firstName

Name.FamilyName

lastName

Emails.Value

email

Groups[].value (readOnly)

groupid

PhoneNumbers[].value

phone

Meta.Created

cdate

Meta.LastModified

udate

Password

Password

userExtension.groupId (WriteOnly)

groupid

 

Table 298: Group mapping
SCIM Parameter ActiveCampaign parameter
Id Id
displayName title
members[].value (groupMembersResponse) userid
groupExtension.Description Descript

Connector limitations

  • GroupId is a writeOnly mandatory extension property while creating or updating a User.

  • Membership operations are not implemented due to the unavailability of APIs.

  • The Groups property in the schema of the User is an on-demand attribute, which will not be fetched during the operation GET User by Id unless the request has an attribute for groups.

Connector limitations

The ActiveCampaign connector allows you to connect ActiveCampaign with One Identity Starling enabling you to take advantage of the features and products available with Starling Connect that complement and enhance ActiveCampaign’s wide range of marketing services and solutions.

Supervisor configuration parameters

To configure the connector, following parameters are required:

Supported objects and operations

Users

Table 295: Supported operations for Users

Operation

VERB

Create User

POST

Update User PUT
Delete User DELETE
Get User GET
Get All users GET

Groups

Table 296: Supported operations for Groups

Operation

VERB

Create Group POST
Update Group PUT
Get Group GET
Delete Group DELETE
Get Group Members GET
Get all Groups GET

Mandatory fields

This section lists the mandatory fields required to create Users and Groups.

Users

  • Name.GivenName

  • Name.FamilyName

  • Email

  • Username

  • password

  • GroupId

Groups

DisplayName

User and Group mapping

The user and group mappings are listed in the tables below.

Users

Table 297: User mapping
SCIM parameter ActiveCampaign parameter
Id id
UserName username
DisplayName firstName+ lastName
Name.GivenName firstName

Name.FamilyName

lastName

Emails.Value

email

Groups[].value (readOnly)

groupid

PhoneNumbers[].value

phone

Meta.Created

cdate

Meta.LastModified

udate

Password

Password

userExtension.groupId (WriteOnly)

groupid

 

Table 298: Group mapping
SCIM Parameter ActiveCampaign parameter
Id Id
displayName title
members[].value (groupMembersResponse) userid
groupExtension.Description Descript
  • GroupId is a writeOnly mandatory extension property while creating or updating a User.

  • Membership operations are not implemented due to the unavailability of APIs.

  • The Groups property in the schema of the User is an on-demand attribute, which will not be fetched during the operation GET User by Id unless the request has an attribute for groups.

Webex

The Webex connector allows you to connect Webex with One Identity Starling enabling you to take advantage of the features and products available with Starling Connect that complement and enhance Webex's real-time video conferencing and communication services. With features such as file sharing, screen sharing, the Webex application enables teams to collaborate without interruption over any device such as mac, PC, or mobile.

Connector configuration

Webex connector requires customer consent to retrieve resource details using REST APIs. Currently, the Webex connector supports the configuration of a single tenant connector only.

Supervisor configuration parameters

To configure the connector, following parameters are required:

  • Connector name

  • Client Id for the integration app

  • Client Secret of the integration app

  • Target URL (Cloud application's instance URL used as target URI in payload. The value needs to be https://webexapis.com/v1)

  • Instance DateTime Offset (refer Configuring additional datetime offset in connectors for more details).

Supported objects and operations

Users

Table 299: Supported operations for Users
Operation VERB
Create User POST
Update User PUT
Delete User DELETE
Get User GET
Get Users GET

Groups

Table 300: Supported operations for Groups
Operation Operation
Create Group POST
Update Group PUT
Delete Group DELETE
Get Group GET

Get Groups

GET

Roles

Table 301: Supported operations for Roles
Operation Operation
Get Role GET
Get Roles GET

Profiles

Table 302: Supported operations for Profiles
Operation Operation
Get Profile GET
Get Profiles GET

Mandatory fields

This section lists the mandatory fields required to create a User or Group:

Users

  • emails.value

  • displayName

Groups

  • displayName

    User and Group mapping

    The user and group mappings are listed in the tables below.

    Table 303: User mapping
    SCIM Parameter Webex parameter
    id id
    userName emails[0]
    name.familyName lastName
    name.givenName firstName
    name.formatted firstName lastName

    displayName

    displayName

    nickName

    nickName

    emails[0].value

    emails[0]

    timezone

    timezone

    active

    loginEnabled

    userType

    type

    roles[].value

    roles[]

    entitlements[].value

    licenses[]

    photos[].value

    avatar

    userExtension.organization

    orgId

    userExtension.status

    status

    meta.created

    created

    meta.lastModified

    lastModified

    Groups

    Table 304: Groups mapping
    SCIM Parameter Webex parameter
    id id
    displayName name
    members[].value members[].personId
    members[].display members[].personDisplayName
    meta.created created

    Connector limitations

    • If the wrong cursor is passed in the request, the cloud instance does not validate it as an error. Hence the SCIM response will contain only the schema URN and the previous cursor.

    • Sometimes, even though the wrong cursor is passed in the request, the cloud instance returns the resources.

    • Webex User creation requires you to pass either of one of the following attributes as a mandatory attribute
      • displayName
      • givenName
      • familyName

        NOTE: The attribute displayName is considered as a mandatory attribute for user creation in the connector.

    • Multiple groups with the same name can be created due to target system behavior.

    • The last moderator of a group can leave the group or can be unassigned from the group only if there are no members in the group. This happens due to target system behavior.

    • When you update a group, removing the last member of the group removes the entire group due to target system behavior. In this scenario, the WebEx connector returns error 404 as the update operation internally is carried out internally as

      1. update group name
      2. manage members
      3. retrieve updated group details
    • When a group member, who is a moderator of the group and whose credentials are used while providing consent for the Webex integration app, gets removed from the Webex connector group update operations or has been assigned as a normal member but not a moderator through the Webex Teams User Interface, then the Webex connector fails to update the group due to insufficient privileges on that particular the group.

    • Deleting or updating a deleted user results in error 403 due to target system behavior.

  • Connector configuration

    The Webex connector allows you to connect Webex with One Identity Starling enabling you to take advantage of the features and products available with Starling Connect that complement and enhance Webex's real-time video conferencing and communication services. With features such as file sharing, screen sharing, the Webex application enables teams to collaborate without interruption over any device such as mac, PC, or mobile.

    Webex connector requires customer consent to retrieve resource details using REST APIs. Currently, the Webex connector supports the configuration of a single tenant connector only.

    Supervisor configuration parameters

    To configure the connector, following parameters are required:

    • Connector name

    • Client Id for the integration app

    • Client Secret of the integration app

    • Target URL (Cloud application's instance URL used as target URI in payload. The value needs to be https://webexapis.com/v1)

    • Instance DateTime Offset (refer Configuring additional datetime offset in connectors for more details).

    Supported objects and operations

    Users

    Table 299: Supported operations for Users
    Operation VERB
    Create User POST
    Update User PUT
    Delete User DELETE
    Get User GET
    Get Users GET

    Groups

    Table 300: Supported operations for Groups
    Operation Operation
    Create Group POST
    Update Group PUT
    Delete Group DELETE
    Get Group GET

    Get Groups

    GET

    Roles

    Table 301: Supported operations for Roles
    Operation Operation
    Get Role GET
    Get Roles GET

    Profiles

    Table 302: Supported operations for Profiles
    Operation Operation
    Get Profile GET
    Get Profiles GET

    Mandatory fields

    This section lists the mandatory fields required to create a User or Group:

    Users

    • emails.value

    • displayName

    Groups

  • displayName

    User and Group mapping

    The user and group mappings are listed in the tables below.

    Table 303: User mapping
    SCIM Parameter Webex parameter
    id id
    userName emails[0]
    name.familyName lastName
    name.givenName firstName
    name.formatted firstName lastName

    displayName

    displayName

    nickName

    nickName

    emails[0].value

    emails[0]

    timezone

    timezone

    active

    loginEnabled

    userType

    type

    roles[].value

    roles[]

    entitlements[].value

    licenses[]

    photos[].value

    avatar

    userExtension.organization

    orgId

    userExtension.status

    status

    meta.created

    created

    meta.lastModified

    lastModified

    Groups

    Table 304: Groups mapping
    SCIM Parameter Webex parameter
    id id
    displayName name
    members[].value members[].personId
    members[].display members[].personDisplayName
    meta.created created

    Connector limitations

    • If the wrong cursor is passed in the request, the cloud instance does not validate it as an error. Hence the SCIM response will contain only the schema URN and the previous cursor.

    • Sometimes, even though the wrong cursor is passed in the request, the cloud instance returns the resources.

    • Webex User creation requires you to pass either of one of the following attributes as a mandatory attribute
      • displayName
      • givenName
      • familyName

        NOTE: The attribute displayName is considered as a mandatory attribute for user creation in the connector.

    • Multiple groups with the same name can be created due to target system behavior.

    • The last moderator of a group can leave the group or can be unassigned from the group only if there are no members in the group. This happens due to target system behavior.

    • When you update a group, removing the last member of the group removes the entire group due to target system behavior. In this scenario, the WebEx connector returns error 404 as the update operation internally is carried out internally as

      1. update group name
      2. manage members
      3. retrieve updated group details
    • When a group member, who is a moderator of the group and whose credentials are used while providing consent for the Webex integration app, gets removed from the Webex connector group update operations or has been assigned as a normal member but not a moderator through the Webex Teams User Interface, then the Webex connector fails to update the group due to insufficient privileges on that particular the group.

    • Deleting or updating a deleted user results in error 403 due to target system behavior.

  • 관련 문서

    The document was helpful.

    평가 결과 선택

    I easily found the information I needed.

    평가 결과 선택