Chat now with support
Chat with Support

Starling Connect Hosted - One Identity Manager Administration Guide

About this guide One Identity Starling Connect overview One Identity Starling Supported cloud applications Working with connectors Connector versions Salesforce Facebook Workplace SAP Cloud Platform JIRA Server RSA Archer SuccessFactors AWS IAM ServiceNow Dropbox Crowd Atlassian JIRA Confluence Trello Box Pipedrive SuccessFactors HR NutShell Insightly Egnyte SugarCRM Oracle IDCS Statuspage Zendesk Sell Workbooks DocuSign Citrix ShareFile Zendesk Azure AD Google Workspace Concur Tableau GoToMeeting Coupa AWS Cognito Okta DataDog Hideez Opsgenie Informatica Cloud Services AppDynamics Marketo Workday HR OneLogin PingOne Aha! SAP Litmos HackerRank Slack ActiveCampaign Webex Apigee Databricks Hive PagerDuty Dayforce Smartsheet Pingboard SAP Cloud for Customer Azure Infrastructure Oracle Fusion Cloud Majesco LuccaHR OpenText JFrog Artifactory xMatters Discourse Testrail ChipSoft PingOne Platform Azure DevOps UKG PRO Atlassian Cloud Appendix: Creating a service account in Google Workspace Appendix: Setting a trial account on Salesforce Registering the application, providing necessary permissions, retrieving Client Id and Client Secret from the Azure AD tenant Generating a private key for service account in GoToMeeting Configuring AWS IAM connector to support entitlements for User and Group Configuring Box connector to support additional email IDs for users One Identity Manager E2E integration needs for Hideez connector Configuring custom attributes for ServiceNow v.1.0 Configuring custom attributes for Coupa v.1.0 Configuring custom attributes in connectors Disabling attributes Configuring a connector that uses the consent feature Synchronization and integration of Roles object type with One Identity Manager Synchronization and integration of Workspaces object type with One Identity Manager Synchronization and integration of Products object type with One Identity Manager User centric membership Creating multi-valued custom fields in One Identity Manager Synchronization and assignment of PermissionSets to Users with One Identity Manager Connectors that support password attribute in User object Connectors that do not support special characters in the object ID Creating an app for using SCIM on Slack Enterprise Grid Organization Creating a Webex integration application, providing necessary scopes, retrieving Client Id and Client Secret Retrieving the API key from Facebook Workplace Outbound IP addresses Values for customer-specific configuration parameters in Workday HR connector Initiate an OAuth connection to SuccessFactors Creating custom editable/upsertable attributes in Successfactors employee central Custom Foundation Objects in Successfactors HR connector Configuring additional datetime offset in connectors How to Create custom attribute for Users in SuccessFactors portal SAP Cloud for Customer - Steps to add custom fields at One Identity Manager attributes Creating a Service Principal for the Azure Infrastructure Connector Workday permissions needed to integrate via the Starling Connector Configuring integration application in DocuSign Creating integration Connect Client in Coupa Retrieving Azure DevOps Personal Access Token (PAT) Setup integration system and field override service in Workday Retrieving Atlassian Cloud API Key and Directory ID

User and Role mapping

Majesco is the leading software partner to both the P&C and L&A insurance markets for modernization and optimization of their businesses.

Supervisor configuration parameters

To configure the connector, following parameters are required:

Supported objects and operations

Users

Table 380: Supported operations for Users

Operation

VERB

Create User

POST

Get User by Id

GET

List Users

GET

Update User

PUT

Roles

Table 381: Supported operations for Roles

Operation

VERB

Get Role by Id

GET

Create Roles

POST

List Roles

GET

Update Role

PUT

Mandatory fields

Users

  • userName

  • displayName

  • emails[].value

Roles

  • name

The user mappings are listed in the tables below.

Table 382: User mapping
SCIM User Majesco User
Id id
userName userid
name.Formatted name
displayName name
active status
emails[].value email
extension.customerCode customercode

phoneNumbers[].value

phoneno

extension.domain domain
extension.isExternalUser isexternaluser
extension.isServiceUser isserviceuser
extension.isUnlock isunlock
extension.linkedUserId linkeduserid
extension.sourceIdentityStoreName sourceidentitystorename
extension.suspended suspended
meta.Created createdate
meta.LastModified modifieddate

roles[].value

userRoles[].id

roles[].display

userRoles[].rolename

extension.applications

userRoles[].rolename

Table 383: Role mapping
SCIM Role Majesco Role
Id id
name rolename
roleType roletype
description roledescription
parentRoles[].value parentroleslist[].id
parentRoles[].display parentroleslist[].rolename
childRoles[].value childroleslist[].id
childRoles[].display childroleslist[].rolename
meta.Created createddate
meta.LastModified modifieddate

members[].value

roleMembers[].id

members[].display

roleMembers[].name

Connector limitations

  • Unless modified explicitly, the User resource will not have lastModified value under meta.
  • Due to target behavior, it is not possible to disassociate parent roles from a role, however, more roles can be assigned as parent roles.
  • DELETE is not supported in the connector, instead UPDATE can be used for inactivating a user. Delete is not supported because the inactivated user at target is still returned in the LIST APIs, which would make data inconsistent at the SCIM client.
  • The assignment operations under roles or users would consider only integer valued data due to target API behavior.
  • Target API follows PUT REPLACE for update, and hence attributes not passed will get removed from the resource.
  • Due to the target behavior, it is not possible to remove all roles associated with a user as well as to remove all users under a role.

Connector limitations

Majesco is the leading software partner to both the P&C and L&A insurance markets for modernization and optimization of their businesses.

Supervisor configuration parameters

To configure the connector, following parameters are required:

Supported objects and operations

Users

Table 380: Supported operations for Users

Operation

VERB

Create User

POST

Get User by Id

GET

List Users

GET

Update User

PUT

Roles

Table 381: Supported operations for Roles

Operation

VERB

Get Role by Id

GET

Create Roles

POST

List Roles

GET

Update Role

PUT

Mandatory fields

Users

  • userName

  • displayName

  • emails[].value

Roles

  • name

User and Role mapping

The user mappings are listed in the tables below.

Table 382: User mapping
SCIM User Majesco User
Id id
userName userid
name.Formatted name
displayName name
active status
emails[].value email
extension.customerCode customercode

phoneNumbers[].value

phoneno

extension.domain domain
extension.isExternalUser isexternaluser
extension.isServiceUser isserviceuser
extension.isUnlock isunlock
extension.linkedUserId linkeduserid
extension.sourceIdentityStoreName sourceidentitystorename
extension.suspended suspended
meta.Created createdate
meta.LastModified modifieddate

roles[].value

userRoles[].id

roles[].display

userRoles[].rolename

extension.applications

userRoles[].rolename

Table 383: Role mapping
SCIM Role Majesco Role
Id id
name rolename
roleType roletype
description roledescription
parentRoles[].value parentroleslist[].id
parentRoles[].display parentroleslist[].rolename
childRoles[].value childroleslist[].id
childRoles[].display childroleslist[].rolename
meta.Created createddate
meta.LastModified modifieddate

members[].value

roleMembers[].id

members[].display

roleMembers[].name

  • Unless modified explicitly, the User resource will not have lastModified value under meta.
  • Due to target behavior, it is not possible to disassociate parent roles from a role, however, more roles can be assigned as parent roles.
  • DELETE is not supported in the connector, instead UPDATE can be used for inactivating a user. Delete is not supported because the inactivated user at target is still returned in the LIST APIs, which would make data inconsistent at the SCIM client.
  • The assignment operations under roles or users would consider only integer valued data due to target API behavior.
  • Target API follows PUT REPLACE for update, and hence attributes not passed will get removed from the resource.
  • Due to the target behavior, it is not possible to remove all roles associated with a user as well as to remove all users under a role.

LuccaHR

LuccaHR provides solutions to optimize administrative and HR processes.

Supervisor configuration parameters

To configure the connector, following parameters are required:

  • Connector name

  • API Key

  • Target URL (https://{instance}.ilucca-demo.net/)

Supported objects and operations

Users

Table 384: Supported operations for Users

Operation

VERB

Create User

POST

Get a user

GET

List Users

GET

Update a user

PUT

Departments

Table 385: Supported operations for Departments

Operation

VERB

Create a department

POST

Delete a department

DELETE

Get a department

GET

List department

GET

Update a department

PUT

Mandatory fields

Users

  • name.firstName

  • name.lastName

  • userName

  • email.value

  • extension.legalEntityId

  • extension. departmentId

Departments

  • name

User and Department mapping

The user and department mappings are listed in the tables below.

Table 386: User mapping
SCIM parameter LuccaHR parameter
displayName displayName
Emails.Value mail

Extension.birthDate

birthDate

Extension.contractEnd

dtContractEnd

Extension.contractStart

dtContractStart

Extension.department.name

department.name

Extension.department.value

departmentID

Extension.employeeNumber

employeeNumber

Extension.gender

gender

Extension.legalEntity.name

legalEntity.name

Extension.legalEntity.value

legalEntityID

Extension.manager.name

manager.name

Extension.Manager.Value

managerID

Extension.rolePrincipal.name

rolePrincipal.name

Extension.rolePrincipal.value

rolePrincipalId

Id id

meta.Created

createdOn

meta.LastModified

modifiedOn

Name.FamilyName lastName

Name.Formatted

name

Name.GivenName firstName

Roles[].display

habilitedRoles[].name

Roles[].value

habilitedRoles[].id

Title

jobTitle

UserName login
Table 387: Department mapping
SCIM parameter LuccaHR parameter
id id
name name
code code
Active isActive
head.value headID
head.name head.name
members[].value users[].id

members[].display

users[].name

meta.Created

createdOn

meta.LastModified

modifiedOn

Connector limitations

  • A user once created cannot be deleted, but it can be terminated using the PUT API.

  • Multiple departments with same name can be created.

  • Departments with one or more active users cannot be deleted.

Supervisor configuration parameters

LuccaHR provides solutions to optimize administrative and HR processes.

To configure the connector, following parameters are required:

  • Connector name

  • API Key

  • Target URL (https://{instance}.ilucca-demo.net/)

Supported objects and operations

Users

Table 384: Supported operations for Users

Operation

VERB

Create User

POST

Get a user

GET

List Users

GET

Update a user

PUT

Departments

Table 385: Supported operations for Departments

Operation

VERB

Create a department

POST

Delete a department

DELETE

Get a department

GET

List department

GET

Update a department

PUT

Mandatory fields

Users

  • name.firstName

  • name.lastName

  • userName

  • email.value

  • extension.legalEntityId

  • extension. departmentId

Departments

  • name

User and Department mapping

The user and department mappings are listed in the tables below.

Table 386: User mapping
SCIM parameter LuccaHR parameter
displayName displayName
Emails.Value mail

Extension.birthDate

birthDate

Extension.contractEnd

dtContractEnd

Extension.contractStart

dtContractStart

Extension.department.name

department.name

Extension.department.value

departmentID

Extension.employeeNumber

employeeNumber

Extension.gender

gender

Extension.legalEntity.name

legalEntity.name

Extension.legalEntity.value

legalEntityID

Extension.manager.name

manager.name

Extension.Manager.Value

managerID

Extension.rolePrincipal.name

rolePrincipal.name

Extension.rolePrincipal.value

rolePrincipalId

Id id

meta.Created

createdOn

meta.LastModified

modifiedOn

Name.FamilyName lastName

Name.Formatted

name

Name.GivenName firstName

Roles[].display

habilitedRoles[].name

Roles[].value

habilitedRoles[].id

Title

jobTitle

UserName login
Table 387: Department mapping
SCIM parameter LuccaHR parameter
id id
name name
code code
Active isActive
head.value headID
head.name head.name
members[].value users[].id

members[].display

users[].name

meta.Created

createdOn

meta.LastModified

modifiedOn

Connector limitations

  • A user once created cannot be deleted, but it can be terminated using the PUT API.

  • Multiple departments with same name can be created.

  • Departments with one or more active users cannot be deleted.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating