Chat now with support
Chat with Support

Starling Connect Hosted - One Identity Manager Administration Guide

About this guide One Identity Starling Connect overview One Identity Starling Supported cloud applications Working with connectors Connector versions Salesforce Facebook Workplace SAP Cloud Platform JIRA Server RSA Archer SuccessFactors AWS IAM ServiceNow Dropbox Crowd Atlassian JIRA Confluence Trello Box Pipedrive SuccessFactors HR NutShell Insightly Egnyte SugarCRM Oracle IDCS Statuspage Zendesk Sell Workbooks DocuSign Citrix ShareFile Zendesk Azure AD Google Workspace Concur Tableau GoToMeeting Coupa AWS Cognito Okta DataDog Hideez Opsgenie Informatica Cloud Services AppDynamics Marketo Workday HR OneLogin PingOne Aha! SAP Litmos HackerRank Slack ActiveCampaign Webex Apigee Databricks Hive PagerDuty Dayforce Smartsheet Pingboard SAP Cloud for Customer Azure Infrastructure Oracle Fusion Cloud Majesco LuccaHR OpenText JFrog Artifactory xMatters Discourse Testrail ChipSoft PingOne Platform Azure DevOps UKG PRO Atlassian Cloud Appendix: Creating a service account in Google Workspace Appendix: Setting a trial account on Salesforce Registering the application, providing necessary permissions, retrieving Client Id and Client Secret from the Azure AD tenant Generating a private key for service account in GoToMeeting Configuring AWS IAM connector to support entitlements for User and Group Configuring Box connector to support additional email IDs for users One Identity Manager E2E integration needs for Hideez connector Configuring custom attributes for ServiceNow v.1.0 Configuring custom attributes for Coupa v.1.0 Configuring custom attributes in connectors Disabling attributes Configuring a connector that uses the consent feature Synchronization and integration of Roles object type with One Identity Manager Synchronization and integration of Workspaces object type with One Identity Manager Synchronization and integration of Products object type with One Identity Manager User centric membership Creating multi-valued custom fields in One Identity Manager Synchronization and assignment of PermissionSets to Users with One Identity Manager Connectors that support password attribute in User object Connectors that do not support special characters in the object ID Creating an app for using SCIM on Slack Enterprise Grid Organization Creating a Webex integration application, providing necessary scopes, retrieving Client Id and Client Secret Retrieving the API key from Facebook Workplace Outbound IP addresses Values for customer-specific configuration parameters in Workday HR connector Initiate an OAuth connection to SuccessFactors Creating custom editable/upsertable attributes in Successfactors employee central Custom Foundation Objects in Successfactors HR connector Configuring additional datetime offset in connectors How to Create custom attribute for Users in SuccessFactors portal SAP Cloud for Customer - Steps to add custom fields at One Identity Manager attributes Creating a Service Principal for the Azure Infrastructure Connector Workday permissions needed to integrate via the Starling Connector Configuring integration application in DocuSign Creating integration Connect Client in Coupa Retrieving Azure DevOps Personal Access Token (PAT) Setup integration system and field override service in Workday Retrieving Atlassian Cloud API Key and Directory ID

Oracle IDCS

Oracle IDCS is a cloud-based identity management service that integrates with existing systems and directories. Users can develop, access and deploy their applications from one platform. It works with both cloud and on-premises applications.

Supervisor configuration parameters

To configure the connector, following parameters are required:

Supported objects and operations

Users

Table 150: Supported operations for Users

Operation

VERB

Create

POST

Update

PUT

Delete

DELETE

Get all users

GET

Get user by id

GET

Get users with Pagination GET

Groups

Table 151: Supported operations for Groups

Operation

VERB

Create

POST

Update

PUT

Delete 

DELETE

Get

GET

Get

GET

Mandatory fields

Users

  • userName

  • emails.value

  • name.familyName

Groups

  • displayName

User and Group mapping

The user and group mappings are listed in the tables below.

Table 152: User mapping
SCIM Parameter Oracle IDCS parameter
Id id
userName userName
externalId externalId
name.givenName name.givenName

name.familyName

name.familyName

name.middleName name.middleName
name.formatted name.formatted
name.honorificPrefix name.honorificPrefix
name.honorificSuffix name.honorificSuffix
displayName displayName
nickName nickName
emails.value email.value
emails.type email.type
emails.primary email.primary
addresses.formatted addresses.formatted
addresses.streetAddress addresses.streetAddress
addresses.locality addresses.locality
addresses.region addresses.region
addresses.postalCode addresses.postalCode
addresses.country addresses.country
addresses.type addresses.type
phoneNumbers.value phoneNumbers.value
phoneNumbers.type phoneNumbers.type
phoneNumbers.primary phoneNumbers.primary
password password
profileUrl profileUrl
title title
userType userType
preferredLanguage preferredLanguage
locale locale
timezone timeZone
active active
entitlements.value entitlements.value
entitlements.display entitlements.display
entitlements.type entitlements.type
roles.value roles.value
roles.display roles.display
roles.type roles.type
groups.value groups.value

groups.display

groups.display

extension.organization

extension.organization

extension.division

extension.division

extension.department

extension.department

extension.manager.value

extension.manager.value

extension.manager.displayName

extension.manager.displayName

extension.costCenter

extension.costCenter

extension.employeeNumber

extension.employeeNumber

meta.created

meta.created

meta.lastModified

meta.lastModified

 

Table 153: Group mapping
SCIM parameter Oracle IDCS parameter
id id
displayName displayName
Members.value members.value
Members.display members.display
extension.externalId extension.externalId
extension.description extension.description

meta.created

meta.created

meta.lastModified

meta.lastModified

Connector limitations

  • Oracle IDCS does not validate the values provided for the roles in the user request and the same is getting assigned to the user. No validation is performed for the type, value properties for the roles. Same is the case with entitlements.

  • Groups will not be returned with the create user response.

  • Sub-Groups cannot be added in Group Memberships.

Supervisor configuration parameters

Oracle IDCS is a cloud-based identity management service that integrates with existing systems and directories. Users can develop, access and deploy their applications from one platform. It works with both cloud and on-premises applications.

To configure the connector, following parameters are required:

Supported objects and operations

Users

Table 150: Supported operations for Users

Operation

VERB

Create

POST

Update

PUT

Delete

DELETE

Get all users

GET

Get user by id

GET

Get users with Pagination GET

Groups

Table 151: Supported operations for Groups

Operation

VERB

Create

POST

Update

PUT

Delete 

DELETE

Get

GET

Get

GET

Mandatory fields

Users

  • userName

  • emails.value

  • name.familyName

Groups

  • displayName

User and Group mapping

The user and group mappings are listed in the tables below.

Table 152: User mapping
SCIM Parameter Oracle IDCS parameter
Id id
userName userName
externalId externalId
name.givenName name.givenName

name.familyName

name.familyName

name.middleName name.middleName
name.formatted name.formatted
name.honorificPrefix name.honorificPrefix
name.honorificSuffix name.honorificSuffix
displayName displayName
nickName nickName
emails.value email.value
emails.type email.type
emails.primary email.primary
addresses.formatted addresses.formatted
addresses.streetAddress addresses.streetAddress
addresses.locality addresses.locality
addresses.region addresses.region
addresses.postalCode addresses.postalCode
addresses.country addresses.country
addresses.type addresses.type
phoneNumbers.value phoneNumbers.value
phoneNumbers.type phoneNumbers.type
phoneNumbers.primary phoneNumbers.primary
password password
profileUrl profileUrl
title title
userType userType
preferredLanguage preferredLanguage
locale locale
timezone timeZone
active active
entitlements.value entitlements.value
entitlements.display entitlements.display
entitlements.type entitlements.type
roles.value roles.value
roles.display roles.display
roles.type roles.type
groups.value groups.value

groups.display

groups.display

extension.organization

extension.organization

extension.division

extension.division

extension.department

extension.department

extension.manager.value

extension.manager.value

extension.manager.displayName

extension.manager.displayName

extension.costCenter

extension.costCenter

extension.employeeNumber

extension.employeeNumber

meta.created

meta.created

meta.lastModified

meta.lastModified

 

Table 153: Group mapping
SCIM parameter Oracle IDCS parameter
id id
displayName displayName
Members.value members.value
Members.display members.display
extension.externalId extension.externalId
extension.description extension.description

meta.created

meta.created

meta.lastModified

meta.lastModified

Connector limitations

  • Oracle IDCS does not validate the values provided for the roles in the user request and the same is getting assigned to the user. No validation is performed for the type, value properties for the roles. Same is the case with entitlements.

  • Groups will not be returned with the create user response.

  • Sub-Groups cannot be added in Group Memberships.

Supported objects and operations

Oracle IDCS is a cloud-based identity management service that integrates with existing systems and directories. Users can develop, access and deploy their applications from one platform. It works with both cloud and on-premises applications.

Supervisor configuration parameters

To configure the connector, following parameters are required:

Users

Table 150: Supported operations for Users

Operation

VERB

Create

POST

Update

PUT

Delete

DELETE

Get all users

GET

Get user by id

GET

Get users with Pagination GET

Groups

Table 151: Supported operations for Groups

Operation

VERB

Create

POST

Update

PUT

Delete 

DELETE

Get

GET

Get

GET

Mandatory fields

Users

  • userName

  • emails.value

  • name.familyName

Groups

  • displayName

User and Group mapping

The user and group mappings are listed in the tables below.

Table 152: User mapping
SCIM Parameter Oracle IDCS parameter
Id id
userName userName
externalId externalId
name.givenName name.givenName

name.familyName

name.familyName

name.middleName name.middleName
name.formatted name.formatted
name.honorificPrefix name.honorificPrefix
name.honorificSuffix name.honorificSuffix
displayName displayName
nickName nickName
emails.value email.value
emails.type email.type
emails.primary email.primary
addresses.formatted addresses.formatted
addresses.streetAddress addresses.streetAddress
addresses.locality addresses.locality
addresses.region addresses.region
addresses.postalCode addresses.postalCode
addresses.country addresses.country
addresses.type addresses.type
phoneNumbers.value phoneNumbers.value
phoneNumbers.type phoneNumbers.type
phoneNumbers.primary phoneNumbers.primary
password password
profileUrl profileUrl
title title
userType userType
preferredLanguage preferredLanguage
locale locale
timezone timeZone
active active
entitlements.value entitlements.value
entitlements.display entitlements.display
entitlements.type entitlements.type
roles.value roles.value
roles.display roles.display
roles.type roles.type
groups.value groups.value

groups.display

groups.display

extension.organization

extension.organization

extension.division

extension.division

extension.department

extension.department

extension.manager.value

extension.manager.value

extension.manager.displayName

extension.manager.displayName

extension.costCenter

extension.costCenter

extension.employeeNumber

extension.employeeNumber

meta.created

meta.created

meta.lastModified

meta.lastModified

 

Table 153: Group mapping
SCIM parameter Oracle IDCS parameter
id id
displayName displayName
Members.value members.value
Members.display members.display
extension.externalId extension.externalId
extension.description extension.description

meta.created

meta.created

meta.lastModified

meta.lastModified

Connector limitations

  • Oracle IDCS does not validate the values provided for the roles in the user request and the same is getting assigned to the user. No validation is performed for the type, value properties for the roles. Same is the case with entitlements.

  • Groups will not be returned with the create user response.

  • Sub-Groups cannot be added in Group Memberships.

Mandatory fields

Oracle IDCS is a cloud-based identity management service that integrates with existing systems and directories. Users can develop, access and deploy their applications from one platform. It works with both cloud and on-premises applications.

Supervisor configuration parameters

To configure the connector, following parameters are required:

Supported objects and operations

Users

Table 150: Supported operations for Users

Operation

VERB

Create

POST

Update

PUT

Delete

DELETE

Get all users

GET

Get user by id

GET

Get users with Pagination GET

Groups

Table 151: Supported operations for Groups

Operation

VERB

Create

POST

Update

PUT

Delete 

DELETE

Get

GET

Get

GET

Users

  • userName

  • emails.value

  • name.familyName

Groups

  • displayName

User and Group mapping

The user and group mappings are listed in the tables below.

Table 152: User mapping
SCIM Parameter Oracle IDCS parameter
Id id
userName userName
externalId externalId
name.givenName name.givenName

name.familyName

name.familyName

name.middleName name.middleName
name.formatted name.formatted
name.honorificPrefix name.honorificPrefix
name.honorificSuffix name.honorificSuffix
displayName displayName
nickName nickName
emails.value email.value
emails.type email.type
emails.primary email.primary
addresses.formatted addresses.formatted
addresses.streetAddress addresses.streetAddress
addresses.locality addresses.locality
addresses.region addresses.region
addresses.postalCode addresses.postalCode
addresses.country addresses.country
addresses.type addresses.type
phoneNumbers.value phoneNumbers.value
phoneNumbers.type phoneNumbers.type
phoneNumbers.primary phoneNumbers.primary
password password
profileUrl profileUrl
title title
userType userType
preferredLanguage preferredLanguage
locale locale
timezone timeZone
active active
entitlements.value entitlements.value
entitlements.display entitlements.display
entitlements.type entitlements.type
roles.value roles.value
roles.display roles.display
roles.type roles.type
groups.value groups.value

groups.display

groups.display

extension.organization

extension.organization

extension.division

extension.division

extension.department

extension.department

extension.manager.value

extension.manager.value

extension.manager.displayName

extension.manager.displayName

extension.costCenter

extension.costCenter

extension.employeeNumber

extension.employeeNumber

meta.created

meta.created

meta.lastModified

meta.lastModified

 

Table 153: Group mapping
SCIM parameter Oracle IDCS parameter
id id
displayName displayName
Members.value members.value
Members.display members.display
extension.externalId extension.externalId
extension.description extension.description

meta.created

meta.created

meta.lastModified

meta.lastModified

Connector limitations

  • Oracle IDCS does not validate the values provided for the roles in the user request and the same is getting assigned to the user. No validation is performed for the type, value properties for the roles. Same is the case with entitlements.

  • Groups will not be returned with the create user response.

  • Sub-Groups cannot be added in Group Memberships.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating