지금 지원 담당자와 채팅
지원 담당자와 채팅

Starling Connect Identity Manager Integrated - Administration Guide

About this guide One Identity Starling Connect overview One Identity Starling Supported cloud applications Configuring connectors Connector versions Salesforce Facebook Workplace SAP Cloud Platform JIRA Server RSA Archer SuccessFactors Amazon S3 AWS ServiceNow Dropbox Crowd Atlassian JIRA Confluence Trello Box Pipedrive SuccessFactors HR NutShell Insightly Egnyte SugarCRM Oracle IDCS Statuspage Zendesk Sell Workbooks DocuSign Citrix ShareFile Zendesk Azure AD GSuite Concur Tableau GoToMeeting Coupa AWS Cognito Okta Creating a service account in GSuite Setting a trial account on Salesforce Working with Azure AD Generating a private key for service account in GoToMeeting OneIM limitations Configuring Amazon S3 AWS connector to support entitlements for User and Group Outbound IP addresses

Atlassian JIRA Confluence

Atlassian JIRA Confluence is a connector that links Atlassian software with Jira software. It gives teams the ability to manage projects and track development efforts in the cloud.

NOTE: AtlassianJC supports the Jira software and Confluence

Supervisor configuration parameters

To configure the connector, following parameters are required:

  • Connector Name

  • Username

  • API Key

  • SCIM URL (Cloud application's instance URL used as targetURI in payload)

Supported objects and operations

Users
Table 54: Supported operations for Users

Operation

VERB

Create

POST

Delete

DELETE

Get All Users

GET

Get (Id)

GET

Get All Users with pagination GET
Groups
Table 55: Supported operations for Groups

Operation

VERB

Create

POST

Update

PUT

Delete

DELETE

Get All Groups

GET

Get (Id)

GET

Mandatory fields

Users
  • DisplayName
  • Email Id
Groups
  • DisplayName

User and Group mapping

The user and group mapping is listed in the table below.

Table 56: User mapping
SCIM parameter Atlassian JIRA Confluence parameter
Id accountId
userName emailAddress
password password
Name.Formatted displayName
DisplayName displayName
email.value emailAddress
Active active
Timezone timeZone
Locale locale
Groups.Value name
Table 57: Group mapping
SCIM parameter Atlassian JIRA Confluence parameter
Id name
DisplayName name
members.value accountId
members.display displayName

Connector limitations

  • Cloud application does not support the Created date and Modified date.
  • Timezone, Active, and Locale are readonly fields.

  • Cloud application does not support the PUT operation for User objects.

  • While trying to create a duplicate user, the cloud application returns an error with the status code 201. But the existing user is retrieved as the result.

  • The Stride application is no longer part of Atlassian.

  • Cloud application does not supports the Get All groups with pagination operation.

  • The cloud application attributes for the cloud API URL is case-sensitive.

Trello

Trello is a web-based project organizer with both free and paid services. Users can create projects, with room to add comments, additional information, and attachments.

Supervisor configuration parameters

To configure the connector, following parameters are required:

  • Connector Name

  • API Key for the cloud account
  • Access token for the cloud account

Supported objects and operations

Users
Table 58: Supported operations and objects for Users

Operation

VERB

Get (Id) GET

Get all users

GET

Groups
Table 59: Supported operations and objects for Groups

Operation

VERB

Create POST
Update PUT
Delete DELETE
Get (Id) GET
Get all groups GET

Mandatory fields

Groups
  • displayName

User and Group mapping

The user and group mappings are listed in the tables below.

Table 60: User mapping
SCIM parameter Trello parameter
id id
userName username
name.formatted fullName
displayName fullName
emails[0].value email
active confirmed
groups[].value
organizations[].id
boards[].id
groups[].display
organizations[].displayName
boards[].name

 

Table 61: Group mapping
SCIM parameter Trello parameter
id id
displayName
organization.displayName
board.name
extension.description
organization.desc
board.desc
extension.name organization.name
extension.organizationId board.idOrganization

members[].value

members[].id

members[].display

members[].fullName

Connector limitations

  • The Created and LastModified dates are not supported for Users and Groups.

  • Pagination is not supported for getting Users and Groups.

  • Invalid Target URL throws the following status code and message:

    • Code: 500
    • Message: There was an issue processing this request error
  • Create, Update and Delete operations are not supported for Users.

  • When a group of the type board created without associating any organization or team, users can not be added to this board (group). Only the user whose credentials are used to create the board can be added.

  • As there is no concept of users under an account under Trello, the get users operation is achieved by retrieving members of the groups (organizations and boards) to which the user (whose credentials are used for authorizing the API requests) has access.

  • As there are no APIs to retrieve all users or groups, it is required to use /search API by setting the query with characters from [a-z] and [0-9]. This introduces a performance hit.

  • Both organizations and boards of Trello are considered as groups in the connector. Boards can be associated with organizations but organizations cannot be associated with boards.

  • A board cannot be added under organization via group membership operations. Instead, board can be associated with the organization by providing the organization id while performing create or update operation.

  • While performing the group membership operation, removal of membership of a user, whose credentials are used for the authorization of the connector, from the group (organization or board) , will not be executed because after removing membership, any operation on that particular group cannot be performed with these credentials, as the user is unauthorized.

  • While performing group membership operation, removal of the membership of a user who is the only admin of the group (organization or board), is not possible as the group requires at least one admin.

  • Group update or deletion of a group (organization or board) is not possible if the user whose credentials are used to authorize the connector is not the admin of the particular group.

  • All users would be added as normal users for group membership management operations.

  • While performing the update of an organization (group) with the short name and invalid id, Trello initially checks for the uniqueness of the short name and then checks for the existence of the id.

  • All group memberships are of the users type.

  • A board can only be associated with a single organization. Disassociation of a board from organization is not possible. Hence, the group membership does not support addition or removal of boards as a member of the organization.

IMPORTANT: Please note the important points below:

  • If the Organization short name is available, it has to be unique.

  • While creating a group (of type either organization or board), the user will be a member of the group by default, whose credentials are used for the connector authorization.

  • The type property will not be returned as a group response. To differentiate the group type, the id of the group will be appended with @o or @b for organization type or board type respectively.

  • While creating a group, it is necessary to provide a property type in group extension to differentiate the type of the group (organization or board) that is created. The type property takes values o or b for organization and board respectively. If the type is not provided, it will be assumed as o.

Box

Box lets users securely store, access, share, and collaboratively work on files across devices. It is accessible through web and mobile applications and REST APIs. It features functions such as search, metadata, granular permission models, enterprise-grade security, retention policies, and preview capabilities.

Supervisor configuration parameters

To configure the connector, following parameters are required:

  • Connector name

  • Client Id

  • Client Secret
  • Public Key

  • Private Key
  • Pass Phrase
  • Enterprise Id

To get the Box credentials

  1. Create an account in Box.

  2. Log in to the Box account . The URL will be similar to https://{Business_Name}.app.box.com/folder/0.

  3. Navigate to the Developer console.

  4. Create a new custom application.

  5. Select OAuth 2.0 with JWT (server authentication) as the authentication method.

  6. Enter a relevant name for the application that is to be created.
  7. Click View App and navigate to the Configuration section.

  8. Set the value of Application Access to Enterprise.

  9. Enable the advanced features by selecting the following options:

    • Perform action as Users
    • Generate User access token
  10. In the Add and manage public keys section, click generate Public/Private Key pair button. A config JSON file gets downloaded and it includes the credentials, that are required to get the access token for authentication.

Supported objects and operations

Users
Table 62: Supported operations for Users

Operation

VERB

Create

POST

Update

PUT

Delete

DELETE

Get user by Id

GET

Get all users

GET

Get all users with pagination

GET

Groups
Table 63: Supported operations for Groups

Operation

VERB

Create POST
Update

PUT

Delete DELETE
Get group by Id GET
Get all groups GET

Get all groups with pagination

GET

Mandatory fields

Users
  • DisplayName
  • Email ID
Groups
  • DisplayName

User and Group mapping

The user and group mappings are listed in the tables below.

Table 64: User mapping
SCIM parameter Box parameter
id id
email[0].value login
userName login
name.formatted name
displayName name
active status
address[0].formatted address
userType type
PhoneNumbers[0].Value phone
active status
title job_title
preferredLanguage language
timezone timezone
meta.created created_at
meta.astModified modified_at

 

Table 65: Group mapping
SCIM parameter Box parameter
id id
name displayName
created created_at
lastModified modified_at
members[].value user[].id
members[].display user[].name

 

Pipedrive

Pipedrive is a cloud-based sales management tool offered on a web platform and as a mobile app.

Supervisor configuration parameters

To configure the connector, following parameters are required:

  • Connector name

  • API key

  • SCIM URL (Cloud application's instance URL used as targetURL in payload)

Supported objects and operations

Users
Table 66: Supported operations for Users

Operation

VERB

Create

POST

Update

PUT

Delete

DELETE

Get user by Id

GET

Get all users

GET

Mandatory fields

Users
  • Emails.value
  • DisplayName

User mapping

The user mappings are listed in the tables below.

Table 67: User mapping
SCIM parameter Pipedrive parameter
Id id
userName email

displayName

name
Name.Formatted name
email.value email
Active active_flag
Timezone timezone_name
Locale locale
Created created
LastModified modified

Connector limitations

  • The Groups object type is not supported.

  • Pagination is not supported.
  • Deleted user object can be retrieved using Get user by ID.
  • Creation of a duplicate user does not return an error. Instead, the existing object is returned.
  • Deactivated or Deleted users can be deactivated or deleted multiple number of times.

  • Deactivated or Deleted users can be activated again.

  • The Update operation supports only the change of active flag field.
관련 문서

The document was helpful.

평가 결과 선택

I easily found the information I needed.

평가 결과 선택