Chat now with support
Chat with Support

Starling Connect Hosted - One Identity Manager Administration Guide

About this guide One Identity Starling Connect overview One Identity Starling Supported cloud applications Working with connectors Connector versions Salesforce Facebook Workplace SAP Cloud Platform JIRA Server RSA Archer SuccessFactors AWS IAM ServiceNow Dropbox Crowd Atlassian JIRA Confluence Trello Box Pipedrive SuccessFactors HR NutShell Insightly Egnyte SugarCRM Oracle IDCS Statuspage Zendesk Sell Workbooks DocuSign Citrix ShareFile Zendesk Azure AD Google Workspace Concur Tableau GoToMeeting Coupa AWS Cognito Okta DataDog Hideez Opsgenie Informatica Cloud Services AppDynamics Marketo Workday HR OneLogin PingOne Aha! SAP Litmos HackerRank Slack ActiveCampaign Webex Apigee Databricks Hive PagerDuty Dayforce Smartsheet Pingboard SAP Cloud for Customer Azure Infrastructure Oracle Fusion Cloud Majesco LuccaHR OpenText JFrog Artifactory xMatters Discourse Testrail ChipSoft PingOne Platform Azure DevOps UKG PRO Atlassian Cloud Appendix: Creating a service account in Google Workspace Appendix: Setting a trial account on Salesforce Registering the application, providing necessary permissions, retrieving Client Id and Client Secret from the Azure AD tenant Generating a private key for service account in GoToMeeting Configuring AWS IAM connector to support entitlements for User and Group Configuring Box connector to support additional email IDs for users One Identity Manager E2E integration needs for Hideez connector Configuring custom attributes for ServiceNow v.1.0 Configuring custom attributes for Coupa v.1.0 Configuring custom attributes in connectors Disabling attributes Configuring a connector that uses the consent feature Synchronization and integration of Roles object type with One Identity Manager Synchronization and integration of Workspaces object type with One Identity Manager Synchronization and integration of Products object type with One Identity Manager User centric membership Creating multi-valued custom fields in One Identity Manager Synchronization and assignment of PermissionSets to Users with One Identity Manager Connectors that support password attribute in User object Connectors that do not support special characters in the object ID Creating an app for using SCIM on Slack Enterprise Grid Organization Creating a Webex integration application, providing necessary scopes, retrieving Client Id and Client Secret Retrieving the API key from Facebook Workplace Outbound IP addresses Values for customer-specific configuration parameters in Workday HR connector Initiate an OAuth connection to SuccessFactors Creating custom editable/upsertable attributes in Successfactors employee central Custom Foundation Objects in Successfactors HR connector Configuring additional datetime offset in connectors How to Create custom attribute for Users in SuccessFactors portal SAP Cloud for Customer - Steps to add custom fields at One Identity Manager attributes Creating a Service Principal for the Azure Infrastructure Connector Workday permissions needed to integrate via the Starling Connector Configuring integration application in DocuSign Creating integration Connect Client in Coupa Retrieving Azure DevOps Personal Access Token (PAT) Setup integration system and field override service in Workday Retrieving Atlassian Cloud API Key and Directory ID

Supervisor configuration parameters

The Informatica Cloud Services connector allows you to connect Informatica Cloud Services with One Identity Starling enabling you to take advantage of the features and products available with Starling Connect that complement and enhance the services provided by Informatica Cloud Services.

Informatica Cloud Services is an Integration Platform as a Service (iPaaS) that allows you to integrate and synchronize data and applications in a hybrid environments.

To configure the connector, following parameters are required:

Supported objects and operations

Users

Table 234: Supported operations for Users
Operation VERB
Create User POST
Get User GET
Get all Users GET
Delete User DELETE

Groups

Table 235: Supported operations for Groups

Operation

VERB
Create Group POST
Get Group GET
Get all Groups GET
Delete Group DELETE

Roles

Table 236: Supported operations for Roles

Operation

VERB
Get all roles GET
Get role GET

Mandatory fields

This section lists the mandatory fields required to create a User or Group:

Users

  • userName

  • name.givenName

  • name.familyName

  • emails[].value

  • entitlements[].value

    NOTE: The first available entitlement from the target system would be assigned to entitlements[].value if the property is not provided in the SCIM request. The entitlement property is Roles from the target system.

Groups

  • displayName
  • entitlements[].value

NOTE: The first available entitlement from the target system would be assigned to entitlements[].value if the property is not provided in the SCIM request. The entitlement property is Roles from the target system.

Mappings

The user and group mappings are listed in the tables below.

Table 237: User mapping
SCIM Parameter Informatica parameter
id id
userName userName
lastName name.familyName
firstName lastName name.formatted
firstName lastName displayName
email emails[0].value
title title
state active
locale locale
timeZoneId timezone
roles[].id roles[].value

roles[].roleName

roles[].display

groups[].id

groups[].value

groups[].userGroupName

groups[].display

orgId

userExtension.orgId

description

userExtension.description

authentication

userExtension.authentication

forcePasswordChange

userExtension.forcePasswordChange

maxLoginAttempts

userExtension.maxLoginAttempts

createTime

meta.created

updateTime

meta.lastModified

Groups

Table 238: Group mapping
SCIM parameter Informatica parameter
id id
userGroupName displayName
users[].id members[].value
users[].userName members[].display

roles[].id

roles[].value

roles[].roleName

roles[].display

orgId

userExtension.orgId

description

extension.description

createTime

meta.created

updateTime

meta.lastModified

Roles

Table 239: Roles mapping
SCIM parameter Informatica parameter
id id
name roleName

Connector limitations

  • The connector does not support update operation for users and groups as the target cloud system does not support update operation for users and groups.

  • Target system roles are mapped against the entitlements in SCIM connector.

  • While creating a user or a group, role ids (entitlements) are required. It is not possible to assign entitlements from One Identity Manager client during the creation of users or groups. Hence, a logic has been added in the Starling Connect to retrieve all the roles from the target system and assign the first role (except for those which contain admin in role name) to the create resource request.

Supported objects and operations

The Informatica Cloud Services connector allows you to connect Informatica Cloud Services with One Identity Starling enabling you to take advantage of the features and products available with Starling Connect that complement and enhance the services provided by Informatica Cloud Services.

Informatica Cloud Services is an Integration Platform as a Service (iPaaS) that allows you to integrate and synchronize data and applications in a hybrid environments.

Supervisor configuration parameters

To configure the connector, following parameters are required:

Users

Table 234: Supported operations for Users
Operation VERB
Create User POST
Get User GET
Get all Users GET
Delete User DELETE

Groups

Table 235: Supported operations for Groups

Operation

VERB
Create Group POST
Get Group GET
Get all Groups GET
Delete Group DELETE

Roles

Table 236: Supported operations for Roles

Operation

VERB
Get all roles GET
Get role GET

Mandatory fields

This section lists the mandatory fields required to create a User or Group:

Users

  • userName

  • name.givenName

  • name.familyName

  • emails[].value

  • entitlements[].value

    NOTE: The first available entitlement from the target system would be assigned to entitlements[].value if the property is not provided in the SCIM request. The entitlement property is Roles from the target system.

Groups

  • displayName
  • entitlements[].value

NOTE: The first available entitlement from the target system would be assigned to entitlements[].value if the property is not provided in the SCIM request. The entitlement property is Roles from the target system.

Mappings

The user and group mappings are listed in the tables below.

Table 237: User mapping
SCIM Parameter Informatica parameter
id id
userName userName
lastName name.familyName
firstName lastName name.formatted
firstName lastName displayName
email emails[0].value
title title
state active
locale locale
timeZoneId timezone
roles[].id roles[].value

roles[].roleName

roles[].display

groups[].id

groups[].value

groups[].userGroupName

groups[].display

orgId

userExtension.orgId

description

userExtension.description

authentication

userExtension.authentication

forcePasswordChange

userExtension.forcePasswordChange

maxLoginAttempts

userExtension.maxLoginAttempts

createTime

meta.created

updateTime

meta.lastModified

Groups

Table 238: Group mapping
SCIM parameter Informatica parameter
id id
userGroupName displayName
users[].id members[].value
users[].userName members[].display

roles[].id

roles[].value

roles[].roleName

roles[].display

orgId

userExtension.orgId

description

extension.description

createTime

meta.created

updateTime

meta.lastModified

Roles

Table 239: Roles mapping
SCIM parameter Informatica parameter
id id
name roleName

Connector limitations

  • The connector does not support update operation for users and groups as the target cloud system does not support update operation for users and groups.

  • Target system roles are mapped against the entitlements in SCIM connector.

  • While creating a user or a group, role ids (entitlements) are required. It is not possible to assign entitlements from One Identity Manager client during the creation of users or groups. Hence, a logic has been added in the Starling Connect to retrieve all the roles from the target system and assign the first role (except for those which contain admin in role name) to the create resource request.

Mandatory fields

The Informatica Cloud Services connector allows you to connect Informatica Cloud Services with One Identity Starling enabling you to take advantage of the features and products available with Starling Connect that complement and enhance the services provided by Informatica Cloud Services.

Informatica Cloud Services is an Integration Platform as a Service (iPaaS) that allows you to integrate and synchronize data and applications in a hybrid environments.

Supervisor configuration parameters

To configure the connector, following parameters are required:

Supported objects and operations

Users

Table 234: Supported operations for Users
Operation VERB
Create User POST
Get User GET
Get all Users GET
Delete User DELETE

Groups

Table 235: Supported operations for Groups

Operation

VERB
Create Group POST
Get Group GET
Get all Groups GET
Delete Group DELETE

Roles

Table 236: Supported operations for Roles

Operation

VERB
Get all roles GET
Get role GET

This section lists the mandatory fields required to create a User or Group:

Users

  • userName

  • name.givenName

  • name.familyName

  • emails[].value

  • entitlements[].value

    NOTE: The first available entitlement from the target system would be assigned to entitlements[].value if the property is not provided in the SCIM request. The entitlement property is Roles from the target system.

Groups

  • displayName
  • entitlements[].value

NOTE: The first available entitlement from the target system would be assigned to entitlements[].value if the property is not provided in the SCIM request. The entitlement property is Roles from the target system.

Mappings

The user and group mappings are listed in the tables below.

Table 237: User mapping
SCIM Parameter Informatica parameter
id id
userName userName
lastName name.familyName
firstName lastName name.formatted
firstName lastName displayName
email emails[0].value
title title
state active
locale locale
timeZoneId timezone
roles[].id roles[].value

roles[].roleName

roles[].display

groups[].id

groups[].value

groups[].userGroupName

groups[].display

orgId

userExtension.orgId

description

userExtension.description

authentication

userExtension.authentication

forcePasswordChange

userExtension.forcePasswordChange

maxLoginAttempts

userExtension.maxLoginAttempts

createTime

meta.created

updateTime

meta.lastModified

Groups

Table 238: Group mapping
SCIM parameter Informatica parameter
id id
userGroupName displayName
users[].id members[].value
users[].userName members[].display

roles[].id

roles[].value

roles[].roleName

roles[].display

orgId

userExtension.orgId

description

extension.description

createTime

meta.created

updateTime

meta.lastModified

Roles

Table 239: Roles mapping
SCIM parameter Informatica parameter
id id
name roleName

Connector limitations

  • The connector does not support update operation for users and groups as the target cloud system does not support update operation for users and groups.

  • Target system roles are mapped against the entitlements in SCIM connector.

  • While creating a user or a group, role ids (entitlements) are required. It is not possible to assign entitlements from One Identity Manager client during the creation of users or groups. Hence, a logic has been added in the Starling Connect to retrieve all the roles from the target system and assign the first role (except for those which contain admin in role name) to the create resource request.

Mappings

The Informatica Cloud Services connector allows you to connect Informatica Cloud Services with One Identity Starling enabling you to take advantage of the features and products available with Starling Connect that complement and enhance the services provided by Informatica Cloud Services.

Informatica Cloud Services is an Integration Platform as a Service (iPaaS) that allows you to integrate and synchronize data and applications in a hybrid environments.

Supervisor configuration parameters

To configure the connector, following parameters are required:

Supported objects and operations

Users

Table 234: Supported operations for Users
Operation VERB
Create User POST
Get User GET
Get all Users GET
Delete User DELETE

Groups

Table 235: Supported operations for Groups

Operation

VERB
Create Group POST
Get Group GET
Get all Groups GET
Delete Group DELETE

Roles

Table 236: Supported operations for Roles

Operation

VERB
Get all roles GET
Get role GET

Mandatory fields

This section lists the mandatory fields required to create a User or Group:

Users

  • userName

  • name.givenName

  • name.familyName

  • emails[].value

  • entitlements[].value

    NOTE: The first available entitlement from the target system would be assigned to entitlements[].value if the property is not provided in the SCIM request. The entitlement property is Roles from the target system.

Groups

  • displayName
  • entitlements[].value

NOTE: The first available entitlement from the target system would be assigned to entitlements[].value if the property is not provided in the SCIM request. The entitlement property is Roles from the target system.

The user and group mappings are listed in the tables below.

Table 237: User mapping
SCIM Parameter Informatica parameter
id id
userName userName
lastName name.familyName
firstName lastName name.formatted
firstName lastName displayName
email emails[0].value
title title
state active
locale locale
timeZoneId timezone
roles[].id roles[].value

roles[].roleName

roles[].display

groups[].id

groups[].value

groups[].userGroupName

groups[].display

orgId

userExtension.orgId

description

userExtension.description

authentication

userExtension.authentication

forcePasswordChange

userExtension.forcePasswordChange

maxLoginAttempts

userExtension.maxLoginAttempts

createTime

meta.created

updateTime

meta.lastModified

Groups

Table 238: Group mapping
SCIM parameter Informatica parameter
id id
userGroupName displayName
users[].id members[].value
users[].userName members[].display

roles[].id

roles[].value

roles[].roleName

roles[].display

orgId

userExtension.orgId

description

extension.description

createTime

meta.created

updateTime

meta.lastModified

Roles

Table 239: Roles mapping
SCIM parameter Informatica parameter
id id
name roleName

Connector limitations

  • The connector does not support update operation for users and groups as the target cloud system does not support update operation for users and groups.

  • Target system roles are mapped against the entitlements in SCIM connector.

  • While creating a user or a group, role ids (entitlements) are required. It is not possible to assign entitlements from One Identity Manager client during the creation of users or groups. Hence, a logic has been added in the Starling Connect to retrieve all the roles from the target system and assign the first role (except for those which contain admin in role name) to the create resource request.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating