立即与支持人员聊天
与支持团队交流

Starling Connect Hosted - One Identity Manager Administration Guide

About this guide One Identity Starling Connect overview One Identity Starling Supported cloud applications Working with connectors Connector versions Salesforce Facebook Workplace SAP Cloud Platform JIRA Server RSA Archer SuccessFactors AWS IAM ServiceNow Dropbox Crowd Atlassian JIRA Confluence Trello Box Pipedrive SuccessFactors HR NutShell Insightly Egnyte SugarCRM Oracle IDCS Statuspage Zendesk Sell Workbooks DocuSign Citrix ShareFile Zendesk Azure AD Google Workspace Concur Tableau GoToMeeting Coupa AWS Cognito Okta DataDog Hideez Opsgenie Informatica Cloud Services AppDynamics Marketo Workday HR OneLogin PingOne Aha! SAP Litmos HackerRank Slack ActiveCampaign Webex Apigee Databricks Hive PagerDuty Dayforce Smartsheet Pingboard SAP Cloud for Customer Azure Infrastructure Oracle Fusion Cloud Majesco LuccaHR OpenText JFrog Artifactory xMatters Discourse Testrail ChipSoft PingOne Platform Azure DevOps UKG PRO Atlassian Cloud Appendix: Creating a service account in Google Workspace Appendix: Setting a trial account on Salesforce Registering the application, providing necessary permissions, retrieving Client Id and Client Secret from the Azure AD tenant Generating a private key for service account in GoToMeeting Configuring AWS IAM connector to support entitlements for User and Group Configuring Box connector to support additional email IDs for users One Identity Manager E2E integration needs for Hideez connector Configuring custom attributes for ServiceNow v.1.0 Configuring custom attributes for Coupa v.1.0 Configuring custom attributes in connectors Disabling attributes Configuring a connector that uses the consent feature Synchronization and integration of Roles object type with One Identity Manager Synchronization and integration of Workspaces object type with One Identity Manager Synchronization and integration of Products object type with One Identity Manager User centric membership Creating multi-valued custom fields in One Identity Manager Synchronization and assignment of PermissionSets to Users with One Identity Manager Connectors that support password attribute in User object Connectors that do not support special characters in the object ID Creating an app for using SCIM on Slack Enterprise Grid Organization Creating a Webex integration application, providing necessary scopes, retrieving Client Id and Client Secret Retrieving the API key from Facebook Workplace Outbound IP addresses Values for customer-specific configuration parameters in Workday HR connector Initiate an OAuth connection to SuccessFactors Creating custom editable/upsertable attributes in Successfactors employee central Custom Foundation Objects in Successfactors HR connector Configuring additional datetime offset in connectors How to Create custom attribute for Users in SuccessFactors portal SAP Cloud for Customer - Steps to add custom fields at One Identity Manager attributes Creating a Service Principal for the Azure Infrastructure Connector Workday permissions needed to integrate via the Starling Connector Configuring integration application in DocuSign Creating integration Connect Client in Coupa Retrieving Azure DevOps Personal Access Token (PAT) Setup integration system and field override service in Workday Retrieving Atlassian Cloud API Key and Directory ID Retrieving Tableau Personal Access Token (PAT)

Mandatory fields

Pingboard is real-time organizational chart software that makes it easy to build professional looking org charts. It keeps company org charts in sync with HRMS software automatically, thus replacing the manual need to make the org charts using flow charting applications like Microsoft Visio or Lucidchart. Pingboard was designed to help companies organize their employees and departments, develop hiring and succession plans, and share this information on the corporate org chart.

Supervisor configuration parameters

To configure the connector, following parameters are required:

Supported objects and operations

Users

Table 348: Supported operations for Users

Operation

VERB

Create User

POST

Update User

PUT

Delete User

DELETE

Get User by Id

POST

List Users

POST

Groups

Table 349: Supported operations for Groups

Operation

VERB

Create Group

POST

Update Group PUT
List Groups POST

Get Group by Id

POST

Delete Group DELETE

Users

  • name.givenName

  • name.familyName

  • emails[].value

Groups

  • displayName

  • extension.groupType

User and Group mapping

The user and group mappings are listed in the tables below.

Table 350: Pingboard user to SCIM mapping
SCIM parameter Pingboard parameter
id id
userName email
name.givenName first_name
name.familyName last_name

name.formatted

first_name + " " + last_name

displayName

first_name + " " + last_name

nickName

nickname

emails[].value email
phoneNumbers[].value office_phone
photos[].value avatar_urls.original
timezone time_zone
locale locale

title

job_title

groups[].value (Only for read operation)

links.groups[] & links.locations[]

extension.description

bio

extension.manager.value

reports_to_id

meta.created

created_at

meta.lastModified

updated_at

 

Table 351: Pingboard group to SCIM group mapping
SCIM parameter Pingboard parameter
id id
displayName name
members[].value links.users[]
extension.description description
extension.type type
meta.created created_at

meta.lastModified

updated_at

Connector limitations

  • If all of the member IDs used in the create group request are invalid, an error with status 500 and no message will be returned but the group gets created. Even with at least one valid member ID, the group write operation gets successful.

  • Even though the Pingboard API supports custom attributes for user resource, the Pingboard connector does not support custom attributes for users. The reason being is to avoid the unnecessary overhead in retrieving the names of the custom attributes by making additional request as the target API returns custom attribute IDs instead of the attribute name for GET user details response.

  • An Admin user can also be deleted using APIs in which case the connector functionality will not work.

  • Random string value for user's locale gets saved due to the target API behavior.

User and Group mapping

Pingboard is real-time organizational chart software that makes it easy to build professional looking org charts. It keeps company org charts in sync with HRMS software automatically, thus replacing the manual need to make the org charts using flow charting applications like Microsoft Visio or Lucidchart. Pingboard was designed to help companies organize their employees and departments, develop hiring and succession plans, and share this information on the corporate org chart.

Supervisor configuration parameters

To configure the connector, following parameters are required:

Supported objects and operations

Users

Table 348: Supported operations for Users

Operation

VERB

Create User

POST

Update User

PUT

Delete User

DELETE

Get User by Id

POST

List Users

POST

Groups

Table 349: Supported operations for Groups

Operation

VERB

Create Group

POST

Update Group PUT
List Groups POST

Get Group by Id

POST

Delete Group DELETE

Mandatory fields

Users

  • name.givenName

  • name.familyName

  • emails[].value

Groups

  • displayName

  • extension.groupType

The user and group mappings are listed in the tables below.

Table 350: Pingboard user to SCIM mapping
SCIM parameter Pingboard parameter
id id
userName email
name.givenName first_name
name.familyName last_name

name.formatted

first_name + " " + last_name

displayName

first_name + " " + last_name

nickName

nickname

emails[].value email
phoneNumbers[].value office_phone
photos[].value avatar_urls.original
timezone time_zone
locale locale

title

job_title

groups[].value (Only for read operation)

links.groups[] & links.locations[]

extension.description

bio

extension.manager.value

reports_to_id

meta.created

created_at

meta.lastModified

updated_at

 

Table 351: Pingboard group to SCIM group mapping
SCIM parameter Pingboard parameter
id id
displayName name
members[].value links.users[]
extension.description description
extension.type type
meta.created created_at

meta.lastModified

updated_at

Connector limitations

  • If all of the member IDs used in the create group request are invalid, an error with status 500 and no message will be returned but the group gets created. Even with at least one valid member ID, the group write operation gets successful.

  • Even though the Pingboard API supports custom attributes for user resource, the Pingboard connector does not support custom attributes for users. The reason being is to avoid the unnecessary overhead in retrieving the names of the custom attributes by making additional request as the target API returns custom attribute IDs instead of the attribute name for GET user details response.

  • An Admin user can also be deleted using APIs in which case the connector functionality will not work.

  • Random string value for user's locale gets saved due to the target API behavior.

Connector limitations

Pingboard is real-time organizational chart software that makes it easy to build professional looking org charts. It keeps company org charts in sync with HRMS software automatically, thus replacing the manual need to make the org charts using flow charting applications like Microsoft Visio or Lucidchart. Pingboard was designed to help companies organize their employees and departments, develop hiring and succession plans, and share this information on the corporate org chart.

Supervisor configuration parameters

To configure the connector, following parameters are required:

Supported objects and operations

Users

Table 348: Supported operations for Users

Operation

VERB

Create User

POST

Update User

PUT

Delete User

DELETE

Get User by Id

POST

List Users

POST

Groups

Table 349: Supported operations for Groups

Operation

VERB

Create Group

POST

Update Group PUT
List Groups POST

Get Group by Id

POST

Delete Group DELETE

Mandatory fields

Users

  • name.givenName

  • name.familyName

  • emails[].value

Groups

  • displayName

  • extension.groupType

User and Group mapping

The user and group mappings are listed in the tables below.

Table 350: Pingboard user to SCIM mapping
SCIM parameter Pingboard parameter
id id
userName email
name.givenName first_name
name.familyName last_name

name.formatted

first_name + " " + last_name

displayName

first_name + " " + last_name

nickName

nickname

emails[].value email
phoneNumbers[].value office_phone
photos[].value avatar_urls.original
timezone time_zone
locale locale

title

job_title

groups[].value (Only for read operation)

links.groups[] & links.locations[]

extension.description

bio

extension.manager.value

reports_to_id

meta.created

created_at

meta.lastModified

updated_at

 

Table 351: Pingboard group to SCIM group mapping
SCIM parameter Pingboard parameter
id id
displayName name
members[].value links.users[]
extension.description description
extension.type type
meta.created created_at

meta.lastModified

updated_at

  • If all of the member IDs used in the create group request are invalid, an error with status 500 and no message will be returned but the group gets created. Even with at least one valid member ID, the group write operation gets successful.

  • Even though the Pingboard API supports custom attributes for user resource, the Pingboard connector does not support custom attributes for users. The reason being is to avoid the unnecessary overhead in retrieving the names of the custom attributes by making additional request as the target API returns custom attribute IDs instead of the attribute name for GET user details response.

  • An Admin user can also be deleted using APIs in which case the connector functionality will not work.

  • Random string value for user's locale gets saved due to the target API behavior.

SAP Cloud for Customer

SAP Cloud for Customer (C4C) is a cloud solution to manage customer sales, customer service and marketing activities efficiently and is one of the key SAP solution to manage customer relationship.

Supervisor configuration parameters

To configure the connector, following parameters are required:

Supported objects and operations

Users

Table 352: Supported operations for Users

Operation

VERB

Create User POST

Get a User

GET

List Users

GET

Update a User

PUT

Delete User

DELETE

Roles

Table 353: Supported operations for Roles

Operation

VERB

Get a Role

GET

List Roles

GET

Mandatory fields

Users

  • name.givenName

  • name.familyName

Mappings

Table 354: SAPC4CEmployee,BusinessUser to SCIM User mapping
SCIM properties SAPC4C properties
active EmployeeValidityEndDate
addresses[].country CountryCode
addresses[].postalCode PostalCode
addresses[].region RegionCode
addresses[].streetAddress Street
displayName FirstName + " " + LastName
emails[].value Email

extension.businessUserLanguageCode

LogonLanguageCode

extension.businessUserLanguage

LogonLanguageCodeText

extension.companyName CompanyName
extension.dateFormat DateFormat
extension.dateFormatCode DateFormatCode
extension.decimalFormatCode DecimalFormatCode
extension.department Department
extension.employeeId EmployeeID
extension.gender GenderCodeText
extension.genderCode GenderCode
extension.employeeLanguage LanguageCodeText
extension.employeeLanguageCode LanguageCode
extension.managerName ManagerName
extension.maritalStatus MaritalStatusCodeText
extension.maritalStatusCode MaritalStatusCode
extension.passwordPolicyCode PasswordPolicyCode
extension.timeFormat TimeFormat
extension.timeFormatCode TimeFormatCode
extension.titleCode TitleCode
extension.titleCodeText TitleCodeText
extension.userId UserID
extension.userLockedIndicator UserLockedIndicator

extension.validityEndDate

UserValidityEndDate

extension.validityStartDate

UserValidityStartDate

id ObjectID
meta.created CreatedOn
meta.lastModified EntityLastChangedOn
name.familyName LastName
name.givenName FirstName
name.middleName MiddleName
nickName NickName
phoneNumbers[].value MobilePhoneNumber
roles.value EmployeeUserBusinessRoleAssignment.BusinessRoleID
timezone TimeZoneCode
userName UserID
Table 355: SAPC4CIdentityBusinessRoles to SCIM Role mapping
SCIM properties SAPC4C properties
id ObjectID
name Name
meta.created CreationDateTime
meta.lastModified EntityLastChangedOn

 

Connector limitations

  • Update is not supported for attributes like ManagerName, CompanyName and Department, as they come under Organization endpoints.

  • Deleting a User, will inactivate it. But the user will still be present in the list of users.

  • Due to the target API behavior, any text value can be used as the value for phoneNumbers.

  • For most of the error scenarios, the status code returned is 500.

  • While user creation, the user will still be created if there is an error while user role assignments.

  • Due to One IM limitation on DateTime attributes, value having 'YEAR' less than 1753 could not be shown in One IM user interface.

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级