Chat now with support
Chat with Support

Starling Connect Hosted - Active Roles Administration Guide

SCIM attribute mapping with Active Directory for users and groups

Active Roles provides support to connect to Starling Connect to manage the user provisioning and deprovisioning activities for the registered connectors. This is achieved through the internal attribute mapping mechanism. The AD attributes are mapped to SCIM attributes to perform each operation.

SCIM attribute mapping with Active Directory for Users

SCIM Active Directory
displayName displayName
givenName givenName
familyName sn
middleName middleName
title title
password edsaPassword
streetAddress streetAddress
locality city
postalCode postalCode
region state
country c
active edsaAccountIsDisabled
userName edsvauserName
honorificPrefix initials

formattedName

cn

emails proxyAddresses,mail
preferredLanguage preferredLanguage
description description
emailEncoding edsvaemailEncoding
alias edsvaalias
division division
company company
department department
homePage wWWHomePage
lastLogon lastLogon
accountExpires accountExpires

timezone

edsvatimezone

entitlements

edsvaentitlements

employeeNumber employeeNumber
cn cn
userPermissionsMarketingUser edsvauserPermissionsMarketingUser
userPermissionsOfflineUser edsvauserPermissionsOfflineUser
userPermissionsAvantgoUser edsvauserPermissionsAvantgoUser
userPermissionsCallCenterAutoLogin edsvauserPermissionsCallCenterAutoLogin
userPermissionsMobileUser edsvauserPermissionsMobileUser
userPermissionsSFContentUser edsvauserPermissionsSFContentUser
userPermissionsKnowledgeUser edsvauserPermissionsKnowledgeUser
userPermissionsInteractionUser edsvauserPermissionsInteractionUser
userPermissionsSupportUser edsvauserPermissionsSupportUser
userPermissionsLiveAgentUser edsvauserPermissionsLiveAgentUser
locale localeID
phoneNumbers telephoneNumber,mobile,homePhone
manager manager

nickname

edsvanickname

desiredDeliveryMediums

edsvadesiredDeliveryMediums

SCIM attribute mapping with Active Directory for Groups

SCIM Active Directory
displayName cn

members

member

email

mail

manager

managedBy

Disconnecting One Identity Starling from Active Roles

After you configure Active Roles to join Starling, in case you want to disconnect from Starling, on Starling tab in Starling page, click Unjoin One Identity Starling. Unjoin Starling operation will disconnect Active Roles from your subscription. You are prompted to confirm if you want to continue. Click Yes to disconnect Active Roles from your subscription and complete the Unjoin One Identity Starling operation.

Salesforce

Salesforce offers a cloud-based customer relationship management (CRM) platform that lets users track sales, service, and marketing. It includes a social networking plug-in and analytical tools including email alerts, Google search functionality, and access to contracts.

To login to the Saleforce application, you must create a trail account. For more infomation, see Setting a trial account on Salesforce

Supervisor Configuration Parameters

To configure the connector, following parameters are required:

  • Connector Name

  • Client ID - Consumer key of the connected app under API. Enable OAuth Settings (Left Menu | Build | Create | Apps).
  • Client Secret - Consumer Secret of the connected app under API. Enable OAuth Settings (Left Menu | Build | Create | Apps).

  • Username

  • Password

  • Token URL - Salesforce's token URL (https://<saleforce_instance_url>/services/oauth2/token)

  • Grant Type : password

Supported Objects and Operations in Active Roles

Users
Table 4: Supported operations for Users

Operation

VERB

Create

POST

Update (id)

PUT

Delete (id)

DELETE

Deprovision

PUT

Undo Deprovision

PUT

Groups
Table 5: Supported operations for Groups

Operation

VERB

Create

POST

Update (id)

PUT

Delete  (id)

DELETE

Deprovision PUT
Undo Deprovision PUT

Group Membership

PUT

Mandatory Fields

Users
  • Last Name
  • Email
  • Alias (Auto populated with the combination of First and/or Last name)
  • Username (Auto populated from email)
  • Nickname (Auto populated from email; takes the name before “@”)
  • Email Encoding
  • Locale Settings (Time Zone, Locale & Language)
  • Entitlements - ProfileId

Groups
  • Group Name

User and Group Mapping

The user and group mapping is listed in the table below.

Table 6: User Mapping
SCIM Parameter Salesforce Parameter
Id id
UserName Username
ExternalId FederationIdentifier
Name.GivenName FirstName
Name.FamilyName LastName
Name.Formatted Name
DisplayName Name
NickName CommunityNickname
Emails.Value Email
Photos.Value FullPhotoUrl
Addresses.StreetAddress Street
Addresses.Locality City
Addresses.Region State

Addresses.PostalCode

PostalCode

Addresses.Country

Country

PhoneNumbers.Values

Phone

UserType

UserType

Title

Title

PreferredLanguage

LanguageLocaleKey

Locale

LocaleSidKey

Timezone

TimeZoneSidKey

Active

IsActive

Groups.value

GroupId

Entitlements.Value

Profile.Id

Entitlements.Display

Profile.Name

Roles.Value

UserRole.Id

Roles.Display

UserRole.Name

Extension.PasswordLastSet

LastPasswordChangeDate

Extension.EmailEncoding

EmailEncodingKey

Extension.Organization

CompanyName

Extension.Division

Division

Extension.Department

Department

Extension.Description

AboutMe

Extension.Manager.Value

Manager.Id

Extension.Manager.DisplayName

Manager.Name

Extension.LastLogon

LastLoginDate

Extension.EmployeeNumber

EmployeeNumber

Extension.Alias

Alias

Extension.UserPermissionsMobileUser

UserPermissionsMobileUser

Extension.UserPermissionsSFContentUser

UserPermissionsSFContentUser

Extension.UserPermissionsKnowledgeUser

UserPermissionsKnowledgeUser

Extension.UserPermissionsOfflineUser

UserPermissionsOfflineUser

Extension.UserPermissionsMarketingUser

UserPermissionsMarketingUser

Extension.UserPermissionsCallCenterAutoLogin

UserPermissionsCallCenterAutoLogin

Extension.UserPermissionsInteractionUser

UserPermissionsInteractionUser

Extension.UserPermissionsSupportUser

UserPermissionsSupportUser

Extension.FullPhotoUrl

FullPhotoUrl

Meta.Created

CreatedDate

Meta.LastModified

LastModifiedDate

Table 7: Group Mapping
SCIM Parameter Salesforce Parameter
Id Id
DisplayName Name
Members.value UserOrGroupId
Meta.Created CreatedDate
Meta.LastModified LastModifiedDate

Connector Limitations

  • Even if the Count value is less than 2000, the resources are returned as 2000.
  • Currently, the connector supports only salesforce api version 41.0.

Facebook Workplace

Workplace is a collaborative business platform run by Facebook to help users communicate through groups, chat, and social networking in a corporate environment.

Supervisor Configuration Parameters

To configure the connector, following parameters are required:

  • Connector Name

  • API Key

Supported Objects and Operations

Users
Table 8: Supported operations and objects for Users

Operation

VERB

Create

POST

Update (Id)

PUT

Delete (Id) DELETE
Deprovision PUT
Undo Deprovision PUT
Groups
Table 9: Supported operations and objects for Groups

Operation

VERB

Create POST
Update (Id) PUT
Delete (Id) DELETE

Group Membership

PUT

Mandatory Fields

Users
  • User Name
  • Name (Formatted)
  • Active
Groups
  • Group Name

User and Group Mapping

The user and group mappings are listed in the tables below.

Table 10: User Mapping
SCIM Parameter FBWorkplace Parameter
Id Id
UserName userName
Name.Formatted name.formatted
Name.GivenName name.givenName
Name.FamilyName name.familyName
Name.MiddleName name.middleName
Name.HonorificPrefix name.honorificPrefix
Name.HonorificSuffix name.honorificSuffix
DisplayName displayName
NickName nickName
UserType userType
Title title
PreferredLanguage preferredLanguage

Locale

locale

Timezone

timezone

Active

active

Emails

emails

Addresses

addresses

PhoneNumbers

phoneNumbers

Groups.value

Group.id

Groups.display

Group.name

Roles.Value

Role.Id

Extension.Organization

organization

Extension.Division

division

Extension.Department

department

Extension.Manager.Value

manager.managerId

Extension.EmployeeNumber

employeeNumber

Extension.CostCenter

costCenter

 

Table 11: Group Mapping
SCIM Parameter FBWorkplace Parameter
Id Id
DisplayName Name
Members.value UserOrGroupId
Meta.Created CreatedDate
Meta.LastModified LastModifiedDate

Connector Limitations

  • Removal of the last member of a group deletes the group automatically.
  • At least one user must be a member of a group to use it.
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating