Starling Connect Identity Manager Integrated - Starling Connect for Active Roles Administration Guide

RSA Archer

RSA Archer GRC Platform supports business-level management of governance, risk management, and compliance (GRC). It lets users adapt solutions to their own requirements, build new applications, and integrate with external systems without interacting with code.

Supervisor Configuration Parameters

To configure the connector, following parameters are required:

• Connector Name - <RSA Archer>

• Username

• Password

• Instance Name - <Tenant ID ex: 324022>

• Profile Module ID - <Internal ID of an application as specified in the Application Builder Application Detail Report ex: 486>

• Profile ID - <User Profile ID ex: 239109>

• Environment(ISMS) - <Cloud application's environment ex: Test, Prod>

• Field ID - <Filed Id to get specific attribute ex: 18746>

• SCIM URL - <Cloud application's instance URL used as targetURI in payload>

Supported Objects and Operations

Users

Groups

Mandatory Fields

Users

• First Name
• Last Name

Groups

• Group Name

Connector Limitations

• The Created date and last modified date is not retrieved for users / groups.

• Cursor based pagination for Users is supported but pagination is not supported for groups.

• User's contact information cannot be created or updated.

• The following fields are read-only:

  • Phone number
  • Email

• Except the 401 error for Unauthorized and 400 error for Bad Requests, the application returns HTTP status code 500 for all other errors.

• If members are provided in group create/update request, the member type is mandatory to differentiate between a user or a group member.

• RSA Archer ISMS Groups that are retrieved in the Standard GROUPS object type are read-only.

Dropbox

Dropbox offers secure file sharing and storage. It helps users manage sharing capabilities with groups and external collaborators through central folders with granular permissions.

Supervisor Configuration Parameters

To configure the connector, following parameters are required:

• Connector name

• API key (access token) for the cloud account

Supported Objects and Operations

Users

Groups

Roles

Mandatory Fields

Users

• emails.value

Groups

• displayName

Connector Limitations

• The LastModified date is not applicable for Groups.

• Both created and lastModified dates are not applicable for Users.

• Invalid Target URL returns the below mentioned status code and error message.

  • Status code: 500
  • Error message: There was an issue processing this request error.

• User's role cannot be updated.

• The user cannot be set as active while performing create or update.

• The information about groups will not be present in the Create user response.

• The Dropbox user statuses active and invited are considered as active in the connector.

• APIs are not available to retrieve roles from Dropbox. Hence, the endpoints of the connector's roles provide predefined set of roles.

• Deleted members cannot be added to a group. In a request to add multiple members to a group, if any user is deleted (members_not_in_team), then the entire request is not executed.

• The userName property for user is read-only. However, this can be updated by updating the emails → value. The emails → value has been mapped against userName.

• Dropbox returns error 500 without any message being shown, on cursor pagination with cursor length equal to 1. The same is observed when trying to update a deleted group. In this case, the connector returns the following error code and message:

  • Error Code: 400
  • Error message: Error occurred.

Crowd

Crowd is a single sign-on software that lets your system administrator connect multiple applications to one user login and password. Users only need one user ID and password to access any connected platform.

Supervisor Configuration Parameters

To configure the connector, following parameters are required:

• Connector Name

• Username

• Password

• SCIM URL

Supported Objects and Operations

Users

Groups

Mandatory Fields

Users

• Username
• Password

Groups

• DisplayName

Connector Limitations

• Crowd application does not have the ID field for Users and Groups. User name is considered as the userId, and the group name is considered as groupId.

• Crowd cloud application does not have a created date and modified date for Groups.

• UserName and GroupName must be used as a single term as the usage is same for userId and groupId.

• UserName cannot be updated because it is used as an Id in cloud application.

• DisplayName of Groups cannot be updated as required by the cloud application.

AtlassianJC

AtlassianJC is a connector that links Atlassian software with Jira software. It gives teams the ability to manage projects and track development efforts in the cloud.

Supervisor Configuration Parameters

To configure the connector, following parameters are required:

• Connector Name

• Username

• API Key

• SCIM URL (Cloud application's instance URL used as targetURI in payload)

Supported Objects and Operations

Users

Groups

Mandatory Fields

Users

• DisplayName
• Email Id

Groups

• DisplayName

Connector Limitations

• Cloud application does not support the Created date and Modified date.

• Timezone, Active, and Locale are readonly fields.

• Cloud application does not support the PUT operation for User objects.

• While trying to create a duplicate user, the cloud application returns an error with the status code 201. But the existing user is retrieved as the result.

• The Stride application is no longer part of Atlassian.

• Cloud application does not supports the Get All groups with pagination operation.

• The cloud application attributes for the cloud API URL is case-sensitive.