立即与支持人员聊天
与支持团队交流

Starling Connect Hosted - One Identity Manager Administration Guide

About this guide One Identity Starling Connect overview One Identity Starling Supported cloud applications Working with connectors Connector versions Salesforce Facebook Workplace SAP Cloud Platform JIRA Server RSA Archer SuccessFactors AWS IAM ServiceNow Dropbox Crowd Atlassian JIRA Confluence Trello Box Pipedrive SuccessFactors HR NutShell Insightly Egnyte SugarCRM Oracle IDCS Statuspage Zendesk Sell Workbooks DocuSign Citrix ShareFile Zendesk Azure AD Google Workspace Concur Tableau GoToMeeting Coupa AWS Cognito Okta DataDog Hideez Opsgenie Informatica Cloud Services AppDynamics Marketo Workday HR OneLogin PingOne Aha! SAP Litmos HackerRank Slack ActiveCampaign Webex Apigee Databricks Hive PagerDuty Dayforce Smartsheet Pingboard SAP Cloud for Customer Azure Infrastructure Oracle Fusion Cloud Majesco LuccaHR OpenText JFrog Artifactory xMatters Discourse Testrail ChipSoft PingOne Platform Azure DevOps UKG PRO Atlassian Cloud Appendix: Creating a service account in Google Workspace Appendix: Setting a trial account on Salesforce Registering the application, providing necessary permissions, retrieving Client Id and Client Secret from the Azure AD tenant Generating a private key for service account in GoToMeeting Configuring AWS IAM connector to support entitlements for User and Group Configuring Box connector to support additional email IDs for users One Identity Manager E2E integration needs for Hideez connector Configuring custom attributes for ServiceNow v.1.0 Configuring custom attributes for Coupa v.1.0 Configuring custom attributes in connectors Disabling attributes Configuring a connector that uses the consent feature Synchronization and integration of Roles object type with One Identity Manager Synchronization and integration of Workspaces object type with One Identity Manager Synchronization and integration of Products object type with One Identity Manager User centric membership Creating multi-valued custom fields in One Identity Manager Synchronization and assignment of PermissionSets to Users with One Identity Manager Connectors that support password attribute in User object Connectors that do not support special characters in the object ID Creating an app for using SCIM on Slack Enterprise Grid Organization Creating a Webex integration application, providing necessary scopes, retrieving Client Id and Client Secret Retrieving the API key from Facebook Workplace Outbound IP addresses Values for customer-specific configuration parameters in Workday HR connector Initiate an OAuth connection to SuccessFactors Creating custom editable/upsertable attributes in Successfactors employee central Custom Foundation Objects in Successfactors HR connector Configuring additional datetime offset in connectors How to Create custom attribute for Users in SuccessFactors portal SAP Cloud for Customer - Steps to add custom fields at One Identity Manager attributes Creating a Service Principal for the Azure Infrastructure Connector Workday permissions needed to integrate via the Starling Connector Configuring integration application in DocuSign Creating integration Connect Client in Coupa Retrieving Azure DevOps Personal Access Token (PAT) Setup integration system and field override service in Workday Retrieving Atlassian Cloud API Key and Directory ID Retrieving Tableau Personal Access Token (PAT)

Mandatory fields

The AppDynamics connector allows you to connect AppDynamics with One Identity Starling enabling you to take advantage of the features and products available with Starling Connect that complement and enhance the services provided by AppDynamics.

AppDynamics is a real-time business and application performance management and monitoring platform that provides a complete view of the application environment, allowing you to monitor and fix issues quickly.

Supervisor configuration parameters

To configure the connector, following parameters are required:

  • Connector name

  • Client Secret

  • API Client Name

  • Account Name

Supported objects and operations

Users

Table 242: Supported operations for Users

Operation

VERB

Create User POST
Update User PUT
Delete User DELETE
Get User GET
Get All Users GET

Groups

Table 243: Supported operations for Groups

Operation

VERB

Create Group POST
Update Group PUT
Delete Group DELETE
Get Group GET
Get All Groups GET

Roles

Table 244: Supported operations for Roles

Operation

VERB

Get Role GET
Get All Roles GET

This section lists the mandatory fields required to create a User or Group:

Users

  • UserName

  • DisplayName

  • Security_provider_type

  • Password

Groups

  • DisplayName
  • Security_provider_type

Mappings

The user, group, and roles mappings are listed in the tables below.

Table 245: User mapping
SCIM parameter AppDynamics parameter
Id id
UserName name
DisplayName displayName
password password
Groups[].value groups[].id
Groups[].display groups[].name
Roles[].value roles[].id
Roles[].display roles[].name
Extension.security_provider_type security_provider_type

Groups

Table 246: Group mapping
SCIM parameter AppDynamics parameter
Id id
displayName name
Extension.Description description
Extension.security_provider_type security_provider_type
Extension.Roles[].value roles[].id
Extension.Roles[].display roles[].name

Roles

Table 247: Roles mapping
SCIM parameter AppDynamics parameter
Id id
displayName name
description description

Connector limitations

  • Groups members information will not be retrieved in response to GET specific Group. The reason for this is the Groups API of the target system does not support it. However, the same is done at Users API. To overcome this deviation from standard behavior (rfc: https://tools.ietf.org/html/rfc7643#section-4.2), the connector is designed in such a way that all membership operations are done at Users endpoint. Hence, GET specific User response will retrieve the membership associations of respective User.
  • A performance impact is expected in the assignment operation of Roles and Group memberships when the User belongs to multiple Roles and Groups. The reason for this is that separate API calls are made for each and every Roles or Group membership association.

  • AppDynamics target system returns the error code 500 for most of the error scenarios except for very specific errors such as 401 Unauthorized. However, the connector handles few of those generic errors and responds appropriately.
  • Most error messages returned by the target system are neither sufficiently informative nor available. The connector follows the same behavior, wherever custom error messages are not possible.

  • Due to target system limitations, password update of User is not supported by the connector. However, the password can be set at the time of creation.

Synchronization and integration of Roles object type with One Identity Manager

For more information, see Synchronization and integration of Roles object type with One Identity Manager

User centric membership configuration for AppDynamics

For more information, see only the following sections in User centric membership:

Mappings

The AppDynamics connector allows you to connect AppDynamics with One Identity Starling enabling you to take advantage of the features and products available with Starling Connect that complement and enhance the services provided by AppDynamics.

AppDynamics is a real-time business and application performance management and monitoring platform that provides a complete view of the application environment, allowing you to monitor and fix issues quickly.

Supervisor configuration parameters

To configure the connector, following parameters are required:

  • Connector name

  • Client Secret

  • API Client Name

  • Account Name

Supported objects and operations

Users

Table 242: Supported operations for Users

Operation

VERB

Create User POST
Update User PUT
Delete User DELETE
Get User GET
Get All Users GET

Groups

Table 243: Supported operations for Groups

Operation

VERB

Create Group POST
Update Group PUT
Delete Group DELETE
Get Group GET
Get All Groups GET

Roles

Table 244: Supported operations for Roles

Operation

VERB

Get Role GET
Get All Roles GET

Mandatory fields

This section lists the mandatory fields required to create a User or Group:

Users

  • UserName

  • DisplayName

  • Security_provider_type

  • Password

Groups

  • DisplayName
  • Security_provider_type

The user, group, and roles mappings are listed in the tables below.

Table 245: User mapping
SCIM parameter AppDynamics parameter
Id id
UserName name
DisplayName displayName
password password
Groups[].value groups[].id
Groups[].display groups[].name
Roles[].value roles[].id
Roles[].display roles[].name
Extension.security_provider_type security_provider_type

Groups

Table 246: Group mapping
SCIM parameter AppDynamics parameter
Id id
displayName name
Extension.Description description
Extension.security_provider_type security_provider_type
Extension.Roles[].value roles[].id
Extension.Roles[].display roles[].name

Roles

Table 247: Roles mapping
SCIM parameter AppDynamics parameter
Id id
displayName name
description description

Connector limitations

  • Groups members information will not be retrieved in response to GET specific Group. The reason for this is the Groups API of the target system does not support it. However, the same is done at Users API. To overcome this deviation from standard behavior (rfc: https://tools.ietf.org/html/rfc7643#section-4.2), the connector is designed in such a way that all membership operations are done at Users endpoint. Hence, GET specific User response will retrieve the membership associations of respective User.
  • A performance impact is expected in the assignment operation of Roles and Group memberships when the User belongs to multiple Roles and Groups. The reason for this is that separate API calls are made for each and every Roles or Group membership association.

  • AppDynamics target system returns the error code 500 for most of the error scenarios except for very specific errors such as 401 Unauthorized. However, the connector handles few of those generic errors and responds appropriately.
  • Most error messages returned by the target system are neither sufficiently informative nor available. The connector follows the same behavior, wherever custom error messages are not possible.

  • Due to target system limitations, password update of User is not supported by the connector. However, the password can be set at the time of creation.

Synchronization and integration of Roles object type with One Identity Manager

For more information, see Synchronization and integration of Roles object type with One Identity Manager

User centric membership configuration for AppDynamics

For more information, see only the following sections in User centric membership:

Connector limitations

The AppDynamics connector allows you to connect AppDynamics with One Identity Starling enabling you to take advantage of the features and products available with Starling Connect that complement and enhance the services provided by AppDynamics.

AppDynamics is a real-time business and application performance management and monitoring platform that provides a complete view of the application environment, allowing you to monitor and fix issues quickly.

Supervisor configuration parameters

To configure the connector, following parameters are required:

  • Connector name

  • Client Secret

  • API Client Name

  • Account Name

Supported objects and operations

Users

Table 242: Supported operations for Users

Operation

VERB

Create User POST
Update User PUT
Delete User DELETE
Get User GET
Get All Users GET

Groups

Table 243: Supported operations for Groups

Operation

VERB

Create Group POST
Update Group PUT
Delete Group DELETE
Get Group GET
Get All Groups GET

Roles

Table 244: Supported operations for Roles

Operation

VERB

Get Role GET
Get All Roles GET

Mandatory fields

This section lists the mandatory fields required to create a User or Group:

Users

  • UserName

  • DisplayName

  • Security_provider_type

  • Password

Groups

  • DisplayName
  • Security_provider_type

Mappings

The user, group, and roles mappings are listed in the tables below.

Table 245: User mapping
SCIM parameter AppDynamics parameter
Id id
UserName name
DisplayName displayName
password password
Groups[].value groups[].id
Groups[].display groups[].name
Roles[].value roles[].id
Roles[].display roles[].name
Extension.security_provider_type security_provider_type

Groups

Table 246: Group mapping
SCIM parameter AppDynamics parameter
Id id
displayName name
Extension.Description description
Extension.security_provider_type security_provider_type
Extension.Roles[].value roles[].id
Extension.Roles[].display roles[].name

Roles

Table 247: Roles mapping
SCIM parameter AppDynamics parameter
Id id
displayName name
description description
  • Groups members information will not be retrieved in response to GET specific Group. The reason for this is the Groups API of the target system does not support it. However, the same is done at Users API. To overcome this deviation from standard behavior (rfc: https://tools.ietf.org/html/rfc7643#section-4.2), the connector is designed in such a way that all membership operations are done at Users endpoint. Hence, GET specific User response will retrieve the membership associations of respective User.
  • A performance impact is expected in the assignment operation of Roles and Group memberships when the User belongs to multiple Roles and Groups. The reason for this is that separate API calls are made for each and every Roles or Group membership association.

  • AppDynamics target system returns the error code 500 for most of the error scenarios except for very specific errors such as 401 Unauthorized. However, the connector handles few of those generic errors and responds appropriately.
  • Most error messages returned by the target system are neither sufficiently informative nor available. The connector follows the same behavior, wherever custom error messages are not possible.

  • Due to target system limitations, password update of User is not supported by the connector. However, the password can be set at the time of creation.

Synchronization and integration of Roles object type with One Identity Manager

For more information, see Synchronization and integration of Roles object type with One Identity Manager

User centric membership configuration for AppDynamics

For more information, see only the following sections in User centric membership:

Synchronization and integration of Roles object type with One Identity Manager

The AppDynamics connector allows you to connect AppDynamics with One Identity Starling enabling you to take advantage of the features and products available with Starling Connect that complement and enhance the services provided by AppDynamics.

AppDynamics is a real-time business and application performance management and monitoring platform that provides a complete view of the application environment, allowing you to monitor and fix issues quickly.

Supervisor configuration parameters

To configure the connector, following parameters are required:

  • Connector name

  • Client Secret

  • API Client Name

  • Account Name

Supported objects and operations

Users

Table 242: Supported operations for Users

Operation

VERB

Create User POST
Update User PUT
Delete User DELETE
Get User GET
Get All Users GET

Groups

Table 243: Supported operations for Groups

Operation

VERB

Create Group POST
Update Group PUT
Delete Group DELETE
Get Group GET
Get All Groups GET

Roles

Table 244: Supported operations for Roles

Operation

VERB

Get Role GET
Get All Roles GET

Mandatory fields

This section lists the mandatory fields required to create a User or Group:

Users

  • UserName

  • DisplayName

  • Security_provider_type

  • Password

Groups

  • DisplayName
  • Security_provider_type

Mappings

The user, group, and roles mappings are listed in the tables below.

Table 245: User mapping
SCIM parameter AppDynamics parameter
Id id
UserName name
DisplayName displayName
password password
Groups[].value groups[].id
Groups[].display groups[].name
Roles[].value roles[].id
Roles[].display roles[].name
Extension.security_provider_type security_provider_type

Groups

Table 246: Group mapping
SCIM parameter AppDynamics parameter
Id id
displayName name
Extension.Description description
Extension.security_provider_type security_provider_type
Extension.Roles[].value roles[].id
Extension.Roles[].display roles[].name

Roles

Table 247: Roles mapping
SCIM parameter AppDynamics parameter
Id id
displayName name
description description

Connector limitations

  • Groups members information will not be retrieved in response to GET specific Group. The reason for this is the Groups API of the target system does not support it. However, the same is done at Users API. To overcome this deviation from standard behavior (rfc: https://tools.ietf.org/html/rfc7643#section-4.2), the connector is designed in such a way that all membership operations are done at Users endpoint. Hence, GET specific User response will retrieve the membership associations of respective User.
  • A performance impact is expected in the assignment operation of Roles and Group memberships when the User belongs to multiple Roles and Groups. The reason for this is that separate API calls are made for each and every Roles or Group membership association.

  • AppDynamics target system returns the error code 500 for most of the error scenarios except for very specific errors such as 401 Unauthorized. However, the connector handles few of those generic errors and responds appropriately.
  • Most error messages returned by the target system are neither sufficiently informative nor available. The connector follows the same behavior, wherever custom error messages are not possible.

  • Due to target system limitations, password update of User is not supported by the connector. However, the password can be set at the time of creation.

For more information, see Synchronization and integration of Roles object type with One Identity Manager

User centric membership configuration for AppDynamics

For more information, see only the following sections in User centric membership:

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级