Chat now with support
Chat with Support

Starling Connect Hosted - One Identity Manager Administration Guide

About this guide One Identity Starling Connect overview One Identity Starling Supported cloud applications Working with connectors Connector versions Salesforce Facebook Workplace SAP Cloud Platform JIRA Server RSA Archer SuccessFactors AWS IAM ServiceNow Dropbox Crowd Atlassian JIRA Confluence Trello Box Pipedrive SuccessFactors HR NutShell Insightly Egnyte SugarCRM Oracle IDCS Statuspage Zendesk Sell Workbooks DocuSign Citrix ShareFile Zendesk Azure AD Google Workspace Concur Tableau GoToMeeting Coupa AWS Cognito Okta DataDog Hideez Opsgenie Informatica Cloud Services AppDynamics Marketo Workday HR OneLogin PingOne Aha! SAP Litmos HackerRank Slack ActiveCampaign Webex Apigee Databricks Hive PagerDuty Dayforce Smartsheet Pingboard SAP Cloud for Customer Azure Infrastructure Oracle Fusion Cloud Majesco LuccaHR OpenText JFrog Artifactory xMatters Discourse Testrail ChipSoft PingOne Platform Azure DevOps UKG PRO Atlassian Cloud Appendix: Creating a service account in Google Workspace Appendix: Setting a trial account on Salesforce Registering the application, providing necessary permissions, retrieving Client Id and Client Secret from the Azure AD tenant Generating a private key for service account in GoToMeeting Configuring AWS IAM connector to support entitlements for User and Group Configuring Box connector to support additional email IDs for users One Identity Manager E2E integration needs for Hideez connector Configuring custom attributes for ServiceNow v.1.0 Configuring custom attributes for Coupa v.1.0 Configuring custom attributes in connectors Disabling attributes Configuring a connector that uses the consent feature Synchronization and integration of Roles object type with One Identity Manager Synchronization and integration of Workspaces object type with One Identity Manager Synchronization and integration of Products object type with One Identity Manager User centric membership Creating multi-valued custom fields in One Identity Manager Synchronization and assignment of PermissionSets to Users with One Identity Manager Connectors that support password attribute in User object Connectors that do not support special characters in the object ID Creating an app for using SCIM on Slack Enterprise Grid Organization Creating a Webex integration application, providing necessary scopes, retrieving Client Id and Client Secret Retrieving the API key from Facebook Workplace Outbound IP addresses Values for customer-specific configuration parameters in Workday HR connector Initiate an OAuth connection to SuccessFactors Creating custom editable/upsertable attributes in Successfactors employee central Custom Foundation Objects in Successfactors HR connector Configuring additional datetime offset in connectors How to Create custom attribute for Users in SuccessFactors portal SAP Cloud for Customer - Steps to add custom fields at One Identity Manager attributes Creating a Service Principal for the Azure Infrastructure Connector Workday permissions needed to integrate via the Starling Connector Configuring integration application in DocuSign Creating integration Connect Client in Coupa Retrieving Azure DevOps Personal Access Token (PAT) Setup integration system and field override service in Workday Retrieving Atlassian Cloud API Key and Directory ID

User and Group mapping

Box lets users securely store, access, share, and collaboratively work on files across devices. It is accessible through web and mobile applications and REST APIs. It features functions such as search, metadata, granular permission models, enterprise-grade security, retention policies, and preview capabilities.

Supervisor configuration parameters

To configure the connector, following parameters are required:

To get the Box credentials

  1. Create an account in Box.

  2. Log in to the Box account . The URL will be similar to https://{Business_Name}.app.box.com/folder/0.

  3. Navigate to the Developer console.

  4. Create a new custom application.

  5. Select OAuth 2.0 with JWT (server authentication) as the authentication method.

  6. Enter a relevant name for the application that is to be created.
  7. Click View App and navigate to the Configuration section.

  8. Set the value of Application Access to Enterprise.

  9. Enable the advanced features by selecting the following options:

    • Perform action as Users
    • Generate User access token
  10. In the Add and manage public keys section, click generate Public/Private Key pair button. A config JSON file gets downloaded and it includes the credentials, that are required to get the access token for authentication.

Supported objects and operations

Users

Table 72: Supported operations for Users

Operation

VERB

Create

POST

Update

PUT

Delete

DELETE

Get user by Id

GET

Get all users

GET

Get all users with pagination

GET

Groups

Table 73: Supported operations for Groups

Operation

VERB

Create POST
Update

PUT

Delete DELETE
Get group by Id GET
Get all groups GET

Get all groups with pagination

GET

Mandatory fields

Users

  • DisplayName
  • Email ID

Groups

  • DisplayName

The user and group mappings are listed in the tables below.

Table 74: User mapping
SCIM parameter Box parameter
id id
login email[0].value
login userName
name name.formatted
name displayName
status active
address address[0].formatted
type userType
phone PhoneNumbers[0].Value
status active
job_title title
language preferredLanguage
timezone timezone
created_at meta.created
modified_at meta.lastModified

emailAliases.entries[].id

userExtension.additionalEmails[].id

emailAliases.entries[].email

userExtension.additionalEmails[].value

emailAliases.entries[].is_confirmed

userExtension.additionalEmails[].is_confirmed

 

 

Table 75: Group mapping
SCIM parameter Box parameter
id id
displayName name
created_at created
modified_at lastModified

user[].id

members[].value

user[].name

members[].display

Connector limitations

There might be a performance impact when you add or remove multiple email aliases since the cloud application processes them one by one.

 

Connector limitations

Box lets users securely store, access, share, and collaboratively work on files across devices. It is accessible through web and mobile applications and REST APIs. It features functions such as search, metadata, granular permission models, enterprise-grade security, retention policies, and preview capabilities.

Supervisor configuration parameters

To configure the connector, following parameters are required:

To get the Box credentials

  1. Create an account in Box.

  2. Log in to the Box account . The URL will be similar to https://{Business_Name}.app.box.com/folder/0.

  3. Navigate to the Developer console.

  4. Create a new custom application.

  5. Select OAuth 2.0 with JWT (server authentication) as the authentication method.

  6. Enter a relevant name for the application that is to be created.
  7. Click View App and navigate to the Configuration section.

  8. Set the value of Application Access to Enterprise.

  9. Enable the advanced features by selecting the following options:

    • Perform action as Users
    • Generate User access token
  10. In the Add and manage public keys section, click generate Public/Private Key pair button. A config JSON file gets downloaded and it includes the credentials, that are required to get the access token for authentication.

Supported objects and operations

Users

Table 72: Supported operations for Users

Operation

VERB

Create

POST

Update

PUT

Delete

DELETE

Get user by Id

GET

Get all users

GET

Get all users with pagination

GET

Groups

Table 73: Supported operations for Groups

Operation

VERB

Create POST
Update

PUT

Delete DELETE
Get group by Id GET
Get all groups GET

Get all groups with pagination

GET

Mandatory fields

Users

  • DisplayName
  • Email ID

Groups

  • DisplayName

User and Group mapping

The user and group mappings are listed in the tables below.

Table 74: User mapping
SCIM parameter Box parameter
id id
login email[0].value
login userName
name name.formatted
name displayName
status active
address address[0].formatted
type userType
phone PhoneNumbers[0].Value
status active
job_title title
language preferredLanguage
timezone timezone
created_at meta.created
modified_at meta.lastModified

emailAliases.entries[].id

userExtension.additionalEmails[].id

emailAliases.entries[].email

userExtension.additionalEmails[].value

emailAliases.entries[].is_confirmed

userExtension.additionalEmails[].is_confirmed

 

 

Table 75: Group mapping
SCIM parameter Box parameter
id id
displayName name
created_at created
modified_at lastModified

user[].id

members[].value

user[].name

members[].display

There might be a performance impact when you add or remove multiple email aliases since the cloud application processes them one by one.

 

Pipedrive

Pipedrive is a cloud-based sales management tool offered on a web platform and as a mobile app.

Supervisor configuration parameters

To configure the connector, following parameters are required:

Supported objects and operations

Users

Table 76: Supported operations for Users

Operation

VERB

Create

POST

Update

PUT

Delete

DELETE

Get user by Id

GET

Get all users

GET

Mandatory fields

Users

  • Emails.value
  • DisplayName

NOTE: Additional features supported: Pipedrive connector supports attribute selection for the response based on the attributes mentioned in the query parameters ?attributes=.

User mapping

The user mappings are listed in the tables below.

Table 77: User mapping
SCIM parameter Pipedrive parameter
Id id
userName email

displayName

name
Name.Formatted name
email.value email
Active active_flag
Timezone timezone_name
Locale locale
Created created
LastModified modified

Connector limitations

  • The Groups object type is not supported.

  • Pagination is not supported.
  • Deleted user object can be retrieved using Get user by ID.
  • Creation of a duplicate user does not return an error. Instead, the existing object is returned.
  • Deactivated or Deleted users can be deactivated or deleted multiple number of times.

  • Deactivated or Deleted users can be activated again.

  • The Update operation supports only the change of active flag field.

Supervisor configuration parameters

Pipedrive is a cloud-based sales management tool offered on a web platform and as a mobile app.

To configure the connector, following parameters are required:

Supported objects and operations

Users

Table 76: Supported operations for Users

Operation

VERB

Create

POST

Update

PUT

Delete

DELETE

Get user by Id

GET

Get all users

GET

Mandatory fields

Users

  • Emails.value
  • DisplayName

NOTE: Additional features supported: Pipedrive connector supports attribute selection for the response based on the attributes mentioned in the query parameters ?attributes=.

User mapping

The user mappings are listed in the tables below.

Table 77: User mapping
SCIM parameter Pipedrive parameter
Id id
userName email

displayName

name
Name.Formatted name
email.value email
Active active_flag
Timezone timezone_name
Locale locale
Created created
LastModified modified

Connector limitations

  • The Groups object type is not supported.

  • Pagination is not supported.
  • Deleted user object can be retrieved using Get user by ID.
  • Creation of a duplicate user does not return an error. Instead, the existing object is returned.
  • Deactivated or Deleted users can be deactivated or deleted multiple number of times.

  • Deactivated or Deleted users can be activated again.

  • The Update operation supports only the change of active flag field.
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating