Converse agora com nosso suporte
Chat com o suporte

Starling Connect Hosted - One Identity Manager Administration Guide

About this guide One Identity Starling Connect overview One Identity Starling Supported cloud applications Working with connectors Connector versions Salesforce Facebook Workplace SAP Cloud Platform JIRA Server RSA Archer SuccessFactors AWS IAM S3 ServiceNow Dropbox Crowd Atlassian JIRA Confluence Trello Box Pipedrive SuccessFactors HR NutShell Insightly Egnyte SugarCRM Oracle IDCS Statuspage Zendesk Sell Workbooks DocuSign Citrix ShareFile Zendesk Azure AD Google Workspace Concur Tableau GoToMeeting Coupa AWS Cognito Okta DataDog Hideez Opsgenie Informatica Cloud Services AppDynamics Marketo Workday HR OneLogin PingOne Aha! SAP Litmos HackerRank Slack ActiveCampaign Webex Apigee Databricks Hive PagerDuty Dayforce Smartsheet Pingboard SAP Cloud for Customer Azure Infrastructure Oracle Fusion Cloud Majesco LuccaHR OpenText JFrog Artifactory xMatters Discourse Testrail ChipSoft PingOne Platform Azure DevOps UKG PRO Atlassian Cloud Appendix: Creating a service account in Google Workspace Appendix: Setting a trial account on Salesforce Registering the application, providing necessary permissions, retrieving Client Id and Client Secret from the Azure AD tenant Generating a private key for service account in GoToMeeting Configuring Amazon S3 AWS connector to support entitlements for User and Group Configuring Box connector to support additional email IDs for users One Identity Manager E2E integration needs for Hideez connector Configuring custom attributes for ServiceNow v.1.0 Configuring custom attributes for Coupa v.1.0 Configuring custom attributes in connectors Disabling attributes Configuring a connector that uses the consent feature Synchronization and integration of Roles object type with One Identity Manager Synchronization and integration of Workspaces object type with One Identity Manager Synchronization and integration of Products object type with One Identity Manager User centric membership Creating multi-valued custom fields in One Identity Manager Synchronization and assignment of PermissionSets to Users with One Identity Manager Connectors that support password attribute in User object Connectors that do not support special characters in the object ID Creating an app for using SCIM on Slack Enterprise Grid Organization Creating a Webex integration application, providing necessary scopes, retrieving Client Id and Client Secret Retrieving the API key from Facebook Workplace Outbound IP addresses Values for customer-specific configuration parameters in Workday HR connector Initiate an OAuth connection to SuccessFactors Creating custom editable/upsertable attributes in Successfactors employee central Custom Foundation Objects in Successfactors HR connector Configuring additional datetime offset in connectors How to Create custom attribute for Users in SuccessFactors portal SAP Cloud for Customer - Steps to add custom fields at One Identity Manager attributes Creating a Service Principal for the Azure Infrastructure Connector Workday permissions needed to integrate via the Starling Connector Configuring integration application in DocuSign Creating integration Connect Client in Coupa Retrieving Azure DevOps Personal Access Token (PAT) Setup integration system and field override service in Workday Retrieving Atlassian Cloud API Key and Directory ID

Configuring custom attributes in connectors

This section describes the steps to configure custom attributes using Starling Connect for connectors.

NOTE:

  • You must first configure custom attributes in the target system before configuring them in Starling Connect.

  • When you are configure custom attributes in Starling Connect, make sure that you provide the custom attribute that you configured in the cloud application because Starling Connect does not perform any validation to check if you have provided a custom attribute that exists in the cloud application.

  • This issue is common for all connectors that allow you to configure custom attributes in Starling Connect.

To configure a custom attribute:

  1. Navigate to the configured connector in the Active Connectors section.
  2. Click the connector tile.

    The General Configuration and Schema Configuration are displayed.

  3. Click EDIT.

    The Schema Configuration displays the Custom Attributes section, where you can configure the custom attributes.

    NOTE: If you have already configured any custom attributes, they are displayed in the Custom Attributes section.

  4.   Select the object under which you want to create the custom attribute.
  5.  In the Custom Attributes section, enter the appropriate values in the following fields:
    • Data Type
    • Target System Attribute name
    • Description

    NOTE:

    Choose the required option from the available list of data types in the Data Type field

    • Binary
    • Boolean
    • DateTime
    • Decimal
    • Integer
    • String
  6. Click SAVE.

    NOTE:

    • To configure another custom attribute, click ADD ATTRIBUTE.
    • To remove a custom attribute, select the custom attribute and click Remove.
    • To modify and existing custom attribute, click the custom attribute and enter new configuration details.
  7. Enter the configuration details in the General Configuration section and click Test Connection.
  8. Click SAVE.

    The newly created custom attribute is displayed in Custom Attributes section and is available in One Identity Manager.

 

NOTE:

  • In SuccessFactors HR connector, if a custom attribute is a part of navigation, then you must enter it in the following format in Starling Connect: <navigation>$$<custom_attribute>. For example, you must enter userNav/dateOfBirth as userNav$$dateOfBirth in Starling Connect.
  • The SuccessFactors HR connector supports single level of navigation only.

 

Disabling attributes

The Disable attribute feature can be used when you want to skip an attribute that exists in the target system.

NOTE: Mandatory attributes cannot be disabled.

This section describes the steps to disable an attribute using Starling Connect.

To disable an attribute:

  1. Navigate to the configured connector in the Active Connectors section.
  2. Click the connector tile.

    The General Configuration and Schema Configuration are displayed.

  3. Click EDIT.

    The Schema Configuration highlights the attributes that can be disabled.

    NOTE: You cannot disable mandatory attributes. Mandatory attributes are suffixed with a *.

  4. Toggle the attribute that you want to disable.

    NOTE: If you disable a parent attribute, all its child attributes are disabled.

  5. Enter the configuration details in the General Configuration section and click Test Connection.
  6. Click SAVE.

    The disabled attribute is removed from the SCHEMA responses and requests of the following operations:

    Operation From
    GET Schema Response
    Get <object> by Id Response
    Create <object>

    Response

    Request (which is sent from the connector to the cloud application)

    Update <object>

    Response

    Request (which is sent from the connector to the cloud application)

    NOTE: In the above table, <object> represents a connector endpoint.

Configuring a connector that uses the consent feature

This section describes the procedure to configure a connector that uses the consent feature.

To configure a connector that uses the consent feature

  1. Enter the configuration details in the General Configuration.

    NOTE:

    • Each connector requires a different set of configuration details. For more information about the configuration details for each connector, navigate to the section Supervisor configuration parameters for the connector that you want to configure, in this document.
    • Every connector license that you have, allows you to configure two different connections, one in the Production environment and the other in the Development environment. Hence, you can configure the connector to create a Starling Connect connector connection in your Development environment for testing, and then, configure it in your Production environment.
  2. Click Give Consent.

    NOTE:

    • To provide consent, use an account with administrative privileges.
    • For more information about the necessary permissions required to configure each connector, navigate to the section Connector configuration for the connector that you want to configure, in this document.
  3. Click Test Connection.
  4. Click Save.

Synchronization and integration of Roles object type with One Identity Manager

This section describes the synchronization and integration of Roles object type with One Identity Manager.

To synchronize and integrate Roles object type with One Identity Manager:

  1. Ensure that the Roles endpoint of Starling Connect Connector returns the list of Roles from the target instance.

  2. Create a mapping for Roles endpoint.

    To create a mapping for Roles endpoint:

    1. Open Synchronization Editor.

    2. Select the project.

    3. Navigate to the Navigation pane.

    4. In the Navigation pane, click Configuration.

    5. In the Navigation pane, click Target system.

    6. Click Update Schema in the General section.

    7. In the Navigation pane, click Mappings.

    8. Create a new mapping named Roles.

      To create a new mapping, click + in the Mappings section.

    9. In the Create map window, enter the values for all the fields, including the display name, in the following sections :

      • General
      • Relation

  3. Click OK.

  4. Click Next.

  5. In the Mapping Wizard window, in the Select task section, select the required template. For example, Group template.

  6. Create a new Fixed-value virtual attribute at the target system side with the name vrtRoles, for example.

    To create a Fixed-value virtual attribute:

    1. Click + at the target system side in the SCIM section.
    2. In the Create property window, enter the values for all the fields.
      The value of the Value field must be Profiles.

  7. Configure Mappings.
    To configure Mappings:

    1. Map Item type <- vrtRoles.

    2. Map Ident_UCIItem <- name.

  8. Create Synchronization workflow for Roles.

    NOTE: The procedure to Create Synchronization workflow for Roles is similar to the procedure to Create Synchronization workflow for Users and to Create Synchronization workflow for Groups.

  9. Create Provisioning workflows for Roles.

    NOTE: The procedure to Create Provisioning workflow for Roles is similar to the procedure to Create Provisioning workflow for Users and to Create Provisioning workflow for Groups.

  10. Run Synchronization.

  11. Perform assign or unassign of Roles at Users and Groups.

Documentos relacionados

The document was helpful.

Selecione a classificação

I easily found the information I needed.

Selecione a classificação