{ "componentChunkName": "component---src-templates-docs-js", "path": "/connectorconfig/scriptConnector/GroovyScriptConnector", "result": {"data":{"site":{"siteMetadata":{"title":"OpenIAM Documentation v2026.5.2 | OpenIAM","docsLocation":""}},"mdx":{"fields":{"id":"fe176884-a599-57ea-9aab-60c740abb3ee","title":"Configuring Groovy Script connector","slug":"/connectorconfig/scriptConnector/GroovyScriptConnector"},"body":"var _excluded = [\"components\"];\n\nfunction _extends() { _extends = Object.assign || function (target) { for (var i = 1; i < arguments.length; i++) { var source = arguments[i]; for (var key in source) { if (Object.prototype.hasOwnProperty.call(source, key)) { target[key] = source[key]; } } } return target; }; return _extends.apply(this, arguments); }\n\nfunction _objectWithoutProperties(source, excluded) { if (source == null) return {}; var target = _objectWithoutPropertiesLoose(source, excluded); var key, i; if (Object.getOwnPropertySymbols) { var sourceSymbolKeys = Object.getOwnPropertySymbols(source); for (i = 0; i < sourceSymbolKeys.length; i++) { key = sourceSymbolKeys[i]; if (excluded.indexOf(key) >= 0) continue; if (!Object.prototype.propertyIsEnumerable.call(source, key)) continue; target[key] = source[key]; } } return target; }\n\nfunction _objectWithoutPropertiesLoose(source, excluded) { if (source == null) return {}; var target = {}; var sourceKeys = Object.keys(source); var key, i; for (i = 0; i < sourceKeys.length; i++) { key = sourceKeys[i]; if (excluded.indexOf(key) >= 0) continue; target[key] = source[key]; } return target; }\n\n/* @jsxRuntime classic */\n\n/* @jsx mdx */\nvar _frontmatter = {\n \"title\": \"Configuring Groovy Script connector\",\n \"metaTitle\": \"Configuring Groovy Script connector\",\n \"metaDescription\": \"This page describes how to configure and use flexible groovy script connector\"\n};\nvar layoutProps = {\n _frontmatter: _frontmatter\n};\nvar MDXLayout = \"wrapper\";\nreturn function MDXContent(_ref) {\n var components = _ref.components,\n props = _objectWithoutProperties(_ref, _excluded);\n\n return mdx(MDXLayout, _extends({}, layoutProps, props, {\n components: components,\n mdxType: \"MDXLayout\"\n }), mdx(\"p\", null, \"The Groovy Script Connector in OpenIAM provides organizations with a \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"flexible and highly customizable\"), \" approach to integration. Unlike standard connectors, this solution enables the implementation of \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"custom business\"), \" logic tailored to the specific requirements of a target system.\"), mdx(\"p\", null, \"With this approach, organizations can leverage Groovy scripts to interact with external applications while benefiting from OpenIAM core infrastructure, including RabbitMQ for message queuing and provisioning/deprovisioning tasks. This ensures that critical operations, such as creating, updating, and deleting accounts\\u2014are executed efficiently, securely, and reliably.\"), mdx(\"p\", null, \"Beyond standard API calls, the Groovy Script Connector supports multiple integration methods, including:\"), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"REST API interactions\"), \", which supports HTTP requests (GET, POST, PUT, DELETE) for seamless communication with modern web services.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"SOAP API integration\"), \" enabling interaction with legacy systems using XML-based web services.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"PL/SQL package execution\"), \", which allows direct execution of stored procedures in databases for advanced data operations.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Shell script invocation\"), \" that facilitates automation of system-level tasks by running scripts on the underlying infrastructure.\")), mdx(\"p\", null, \"This versatility enables organizations to build robust, scalable, and secure integrations that align with their specific requirements.\"), mdx(\"h2\", null, \"Real-life example\"), mdx(\"p\", null, \"Many organizations manage user data using systems that expose REST APIs but lack \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"direct\"), \" integration with OpenIAM. To address this, they often rely on manual data synchronization, such as exporting and importing CSV files, or develop custom scripts to automate data transfers.\"), mdx(\"p\", null, \"While these homegrown scripting solutions may work initially, they become difficult to maintain over time, especially as business requirements evolve. When multiple applications are involved, different teams may implement inconsistent approaches, leading to integration challenges and higher maintenance overhead.\"), mdx(\"p\", null, \"By leveraging the Groovy Script connector, organizations can replace manual processes and fragmented scripts with a centralized, scalable, and maintainable integration framework. The connector allows OpenIAM to directly interact with the target system\\u2019s REST APIs, ensuring seamless, automated data synchronization. This provides key benefits such as:\"), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Eliminating manual effort\"), \". There is no need for time-consuming file exports and imports.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Reducing errors\"), \". Automates data transfers to prevent inconsistencies.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Standardizing integrations\"), \". Ensures a consistent approach across multiple applications.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Improving maintainability\"), \". Reduces reliance on custom scripts that become difficult to manage over time.\")), mdx(\"p\", null, \"By replacing manual processes and ad-hoc scripting with automated, near real-time integration, the Groovy Script connector enhances accuracy, efficiency, and long-term maintainability, enabling organizations to focus on more strategic initiatives.\"), mdx(\"h2\", null, \"Essential preparations for implementation (using REST APIs)\"), mdx(\"p\", null, \"Before deploying the Groovy Script connector, certain prerequisites must be met to ensure a successful and secure integration. These include API readiness, proper security configurations, and authentication mechanisms.\"), mdx(\"ol\", null, mdx(\"li\", {\n parentName: \"ol\"\n }, \"API readiness and configuration.\")), mdx(\"p\", null, \"To facilitate communication between OpenIAM and the custom application, the following API endpoints should be available:\"), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"POST API for creating users\"), \" enables the creation of new user accounts.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"GET API for retrieving user information\"), \" allows OpenIAM to fetch user details based on\\nsearch parameters.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"PUT API for updating user information\"), \" supports modifying user attributes.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"DELETE API for removing users\"), \" handles account deletion.\")), mdx(\"ol\", {\n \"start\": 2\n }, mdx(\"li\", {\n parentName: \"ol\"\n }, \"Ensuring secure integration practices.\\nTo ensure secure API communication, organizations should implement the following security measures:\")), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, \"Use HTTPS for \", mdx(\"strong\", {\n parentName: \"li\"\n }, \"communication\"), \". Encrypt data transmission to prevent unauthorized access.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Implement OAuth 2.0\"), \" with bearer tokens. OpenIAM recommends using \", mdx(\"em\", {\n parentName: \"li\"\n }, \"OAuth 2.0\"), \" for secure authorization, where the connector requests an access token before calling the API and refreshes it automatically when expired.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"Enable \", mdx(\"strong\", {\n parentName: \"li\"\n }, \"certificate-based authentication\"), \". Store required certificates securely on the OpenIAM server\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"Other authentication methods (not recommended).\", mdx(\"ul\", {\n parentName: \"li\"\n }, mdx(\"li\", {\n parentName: \"ul\"\n }, \"API Key authentication, which uses a unique identifier but is less secure than OAuth 2.0.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"Basic authentication sends a username and password in request headers, requiring HTTPS to prevent exposure.\")))), mdx(\"p\", null, \"By following these preparation steps, organizations can ensure a smooth and secure integration using the Groovy Script Connector, enabling seamless communication between OpenIAM and their custom applications.\\nThe following illustration represents the process using a flow diagram.\"), mdx(\"p\", null, mdx(\"img\", {\n parentName: \"p\",\n \"src\": \"img/script/scriptConnector-01-flow-diagram.png\",\n \"alt\": \"Flow diagram\"\n })), mdx(\"h2\", null, \"Configuring OpenIAM\"), mdx(\"p\", null, \"This section provides an overview of the various operations supported by the Groovy Script Connector and outlines the required configurations for its setup.\"), mdx(\"p\", null, \"The connector supports various operations, including save, search, test connection, delete, resume, suspend, and reset password. However, authentication operations, such as login, are \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"not currently\"), \" supported.\"), mdx(\"p\", null, \"OpenIAM offers a built-in Groovy Script Connector, which can be accessed through the webconsole by navigating to \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"Provisioning\"), \" > \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"Connectors\"), \". To configure the connector, navigate to the \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"Connector Configuration\"), \" menu and modify its settings as needed. Ensure that the required rules are enabled based on your specific requirements.\"), mdx(\"p\", null, \"Each rule displayed in the screenshot below can trigger a Groovy script, facilitating CRUD and search operations on target applications.\"), mdx(\"h3\", null, \"Important considerations\"), mdx(\"ol\", null, mdx(\"li\", {\n parentName: \"ol\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Synchronization setup\"), \". If you plan to use the Groovy Script Connector for synchronization, we strongly recommend enabling the \", mdx(\"em\", {\n parentName: \"li\"\n }, \"Test Connection Object\"), \" rule along with the provided script. Without this, the synchronization process will fail with an error indicating an inability to connect to the target system. \"), mdx(\"li\", {\n parentName: \"ol\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Save handler usage\"), \". Due to the current legacy implementation, the Save Handler \", mdx(\"strong\", {\n parentName: \"li\"\n }, \"should be used\"), \" for both \", mdx(\"strong\", {\n parentName: \"li\"\n }, \"Add\"), \" and \", mdx(\"strong\", {\n parentName: \"li\"\n }, \"Modify\"), \" provisioning rules to ensure proper functionality.\")), mdx(\"p\", null, mdx(\"img\", {\n parentName: \"p\",\n \"src\": \"img/script/scriptConnector-01-connector-configuration-menu.png\",\n \"alt\": \"Connector configuration menu\"\n })), mdx(\"ol\", {\n \"start\": 3\n }, mdx(\"li\", {\n parentName: \"ol\"\n }, \"When configuring Groovy script connector on the OpenIAM side consider that \", mdx(\"strong\", {\n parentName: \"li\"\n }, \"SQL Query / Directory filter\"), \" and \", mdx(\"strong\", {\n parentName: \"li\"\n }, \"Source attribute names\"), \" fields are mandatory. In case these are left empty, the following error may occur.\")), mdx(\"p\", null, mdx(\"img\", {\n parentName: \"p\",\n \"src\": \"img/script/scriptConnector-10-error.png\",\n \"alt\": \"Error\"\n })), mdx(\"h2\", null, \"Configuring Managed System\"), mdx(\"p\", null, \"Secure connection details can be stored using fields such as \", mdx(\"em\", {\n parentName: \"p\"\n }, \"login, password, host URL, port, and connection string\"), \". These credentials can then be accessed within the Groovy script handler to facilitate provisioning operations.\"), mdx(\"p\", null, \"Ensure that the rule fields are properly filled, with each field containing the path to the appropriate operation handler (path of groovy scripts).\"), mdx(\"p\", null, mdx(\"img\", {\n parentName: \"p\",\n \"src\": \"img/script/scriptConnector-03-operation-handler.png\",\n \"alt\": \"Operation handler\"\n })), mdx(\"p\", null, \"Connection details can be used while establish connection or performing operations on target applications. Example usage through code is given below.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"final String login = connectorObject.getMetaData().getLogin(); \\nfinal String password = connectorObject.getMetaData().getPassword(); \\nfinal String hostURL = connectorObject.getMetaData().getUrl(); \\nfinal Integer port = connectorObject.getMetaData().getPort(); \\nfinal String connectionString = ConnectorObjectUtils.readMetadataAttributeValue(connectorObject.getMetaData(), ProvisionConnectorConstant.CONNECTION_STRING); // Custom Attributes stored in managed Sys Config\\n\")), mdx(\"h2\", null, \"Integrating with the Script Connector (using REST APIs)\"), mdx(\"p\", null, \"The integration process can be divided into two parts:\"), mdx(\"ol\", null, mdx(\"li\", {\n parentName: \"ol\"\n }, \"Defining the API structure, including endpoint setup, request formats, and response handling.\"), mdx(\"li\", {\n parentName: \"ol\"\n }, \"Developing Groovy scripts to serve as a bridge, enabling seamless communication between OpenIAM and the target system.\")), mdx(\"h3\", null, \"User lifecycle operations in OpenIAM\"), mdx(\"p\", null, \"To fully support user life-cycle management, OpenIAM connector model includes the following key operations:\"), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Save\"), \" manages both account creation and updates in the target system\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Search\"), \" facilitates individual and bulk user lookups based on synchronization configuration parameters.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Delete\"), \" removes an account from the target system.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Resume\"), \" reactivates a suspended account.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Suspend\"), \" disables an active account.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Test Connection\"), \" verifies the connectivity to the target system.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Login\"), \" enables authentication into OpenIAM using the integrated application.\")), mdx(\"p\", null, \"Below are some best practices for designing application-level integration APIs, focusing on security considerations and the key parameters required for each operation.\"), mdx(\"h3\", null, \"Security best practices for API integration\"), mdx(\"p\", null, \"To ensure secure integration, the application\\u2019s API should be protected using the following measures:\"), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Use HTTPS\"), \" for communication. It is strongly recommended for encrypting data transmission and enhancing security.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"Require a \", mdx(\"strong\", {\n parentName: \"li\"\n }, \"Valid Bearer Token\"), \" (OAuth 2.0). The OpenIAM connector requests and stores an access token, automatically refreshing it when expired.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Avoid less secure authentication methods\"), \" (that are not recommended):\", mdx(\"ul\", {\n parentName: \"li\"\n }, mdx(\"li\", {\n parentName: \"ul\"\n }, \"API Key authentication, which uses a unique identifier in request headers or query parameters.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"Basic authentication? which sends a Base64-encoded username and password, requiring HTTPS for protection.\"))), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Certificate-based authentication\"), \". Enhances security by using stored certificates for authentication. The required certificate must be placed on the OpenIAM server, ensuring accessibility for the connector.\")), mdx(\"h3\", null, \"API operations\"), mdx(\"p\", null, \"The OpenIAM Groovy Script Connector requires several API operations to manage user life-cycle events. Below there is a structured overview of each operation, including purpose, API requests, and expected responses.\"), mdx(\"ol\", null, mdx(\"li\", {\n parentName: \"ol\"\n }, \"Save (create/update User). The \", mdx(\"strong\", {\n parentName: \"li\"\n }, \"Save\"), \" operation manages user creation and updates in the target system. It consists of multiple API calls, such as\")), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, \"Check if the user exists. Before creating or updating a user, OpenIAM checks if the user already exists.\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"API request\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"GET /user?username=abc \\n\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Responses\")), mdx(\"p\", null, \"\\u2705 200 SUCCESS \\u2013 User object found.\", mdx(\"br\", null), \"\\u274C 404 NOT FOUND \\u2013 User does not exist.\", mdx(\"br\", null), \"\\u274C 500 INTERNAL SERVER ERROR \\u2013 Unexpected error.\"), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, \"Create a user. If the user does not exist, OpenIAM creates a new user.\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"API request\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"POST /add-user\\n\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Sample payload\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"{\\n \\\"username\\\": \\\"john.doe\\\",\\n \\\"firstName\\\": \\\"John\\\",\\n \\\"lastName\\\": \\\"Doe\\\",\\n \\\"email\\\": \\\"john.doe@example.com\\\",\\n \\\"phoneNumber\\\": \\\"123-456-7890\\\",\\n \\\"roles\\\": [\\n {\\n \\\"operation\\\": \\\"ADD\\\",\\n \\\"name\\\": \\\"user\\\",\\n \\\"startDate\\\": \\\"2023-01-01\\\",\\n \\\"endDate\\\": \\\"2023-12-31\\\",\\n \\\"description\\\": \\\"123123132\\\"\\n }\\n ],\\n \\\"status\\\": \\\"Active\\\",\\n \\\"password\\\": \\\"Passwd00\\\"\\n}\\n\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Responses\")), mdx(\"p\", null, \"\\u2705 200 SUCCESS \\u2013 User created successfully.\", mdx(\"br\", null), \"\\u274C 400 BAD REQUEST \\u2013 Incorrect request format.\", mdx(\"br\", null), \"\\u274C 500 INTERNAL SERVER ERROR \\u2013 Unexpected error.\"), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, \"Update an existing user. If the user exists, OpenIAM updates the user's details.\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"API request\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"PUT /update-user \\n\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Sample Payload:\"), \" (Contains only fields to be updated)\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"{\\n \\\"username\\\": \\\"john.doe\\\",\\n \\\"phoneNumber\\\": \\\"123-456-7890\\\",\\n \\\"roles\\\": [\\n {\\n \\\"operation\\\": \\\"DELETE\\\",\\n \\\"name\\\": \\\"user\\\"\\n },\\n {\\n \\\"operation\\\": \\\"ADD\\\",\\n \\\"name\\\": \\\"admin\\\"\\n }\\n ]\\n}\\n\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Responses\")), mdx(\"p\", null, \"\\u2705 200 SUCCESS \\u2013 User updated successfully.\", mdx(\"br\", null), \"\\u274C 400 BAD REQUEST \\u2013 Incorrect request format.\", mdx(\"br\", null), \"\\u274C 500 INTERNAL SERVER ERROR \\u2013 Unexpected error.\"), mdx(\"ol\", {\n \"start\": 2\n }, mdx(\"li\", {\n parentName: \"ol\"\n }, \"Search (retrieve users). The Search API fetches user data based on filters.\")), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, \"Search for active users in a Group\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"API request\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"POST /usersCopyEdit\\n\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Payload\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"{\\n \\\"group\\\": \\\"engineering\\\",\\n \\\"isActive\\\": true\\n}\\n\")), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, \"Search for all active users.\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"{\\n \\\"isActive\\\": true\\n}\\n\")), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, \"Search for users modified since a specific date.\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"{\\n \\\"lastModified\\\": \\\"2023-01-01\\\"\\n}\\n\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Response format\")), mdx(\"p\", null, \"\\u2705 200 SUCCESS \\u2013 Returns a list of user objects.\"), mdx(\"ol\", {\n \"start\": 3\n }, mdx(\"li\", {\n parentName: \"ol\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Delete\"), \" (remove a user). Deletes a user from the system.\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"API request\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"DELETE /user/{username}\\n\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Responses\")), mdx(\"p\", null, \"\\u2705 200 SUCCESS \\u2013 User deleted successfully.\", mdx(\"br\", null), \"\\u274C 400 BAD REQUEST \\u2013 Deletion failed due to system rules.\", mdx(\"br\", null), \"\\u274C 500 INTERNAL SERVER ERROR \\u2013 Unexpected error.\"), mdx(\"ol\", {\n \"start\": 4\n }, mdx(\"li\", {\n parentName: \"ol\"\n }, \"Reset password. Changes or resets a user\\u2019s password.\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"API request\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"POST /reset-password\\n\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Sample payload\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"{\\n \\\"username\\\": \\\"1234567890\\\",\\n \\\"newPassword\\\": \\\"newPassword456\\\"\\n}\\n\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Responses\")), mdx(\"p\", null, \"\\u2705 200 SUCCESS \\u2013 Password reset successfully.\", mdx(\"br\", null), \"\\u274C 400 BAD REQUEST \\u2013 Password policy violations.\", mdx(\"br\", null), \"\\u274C 500 INTERNAL SERVER ERROR \\u2013 Unexpected error.\"), mdx(\"ol\", {\n \"start\": 5\n }, mdx(\"li\", {\n parentName: \"ol\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Resume\"), \" (enable user account). Reactivates a suspended account.\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"API request\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"POST /enable/{username} \\n\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Responses\")), mdx(\"p\", null, \"\\u2705 200 SUCCESS \\u2013 Account enabled.\", mdx(\"br\", null), \"\\u274C 400 BAD REQUEST \\u2013 Unable to enable the account.\", mdx(\"br\", null), \"\\u274C 500 INTERNAL SERVER ERROR \\u2013 Unexpected error.\"), mdx(\"ol\", {\n \"start\": 6\n }, mdx(\"li\", {\n parentName: \"ol\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Suspend\"), \" (disable user account). Disables an active account.\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"API request\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"POST /disable/{username}\\n\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Responses\")), mdx(\"p\", null, \"\\u2705 200 SUCCESS \\u2013 Account suspended.\", mdx(\"br\", null), \"\\u274C 400 BAD REQUEST \\u2013 Unable to suspend the account.\", mdx(\"br\", null), \"\\u274C 500 INTERNAL SERVER ERROR \\u2013 Unexpected error.\"), mdx(\"ol\", {\n \"start\": 7\n }, mdx(\"li\", {\n parentName: \"ol\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Test connection\"), \". Checks the connection between OpenIAM and the target system.\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"API request\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"GET /user?username=abc\\n\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Responses\")), mdx(\"p\", null, \"\\u2705 200 SUCCESS \\u2013 Connection is active.\", mdx(\"br\", null), \"\\u274C 400 BAD REQUEST \\u2013 Connection issues detected.\", mdx(\"br\", null), \"\\u274C 500 INTERNAL SERVER ERROR \\u2013 Unexpected error.\"), mdx(\"ol\", {\n \"start\": 8\n }, mdx(\"li\", {\n parentName: \"ol\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Login\"), \" (authentication into OpenIAM). Allows authentication using the target system as an identity provider.\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"API request\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"POST /verify-credentials\\n\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Sample payload\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"{\\n \\\"username\\\": \\\"1234567890\\\",\\n \\\"password\\\": \\\"newPassword456\\\"\\n}\\n\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Responses\")), mdx(\"p\", null, \"\\u2705 200 SUCCESS \\u2013 Authentication successful.\", mdx(\"br\", null), \"\\u274C 400 BAD REQUEST \\u2013 Invalid credentials or user status.\", mdx(\"br\", null), \"\\u274C 500 INTERNAL SERVER ERROR \\u2013 Unexpected error.\"), mdx(\"h3\", null, \"Groups management using OpenIAM Groovy Script connector\"), mdx(\"p\", null, \"The OpenIAM Groovy Script Connector can also be used for Group management, including operations like searching for groups, creating groups and removing groups. Below there is a structured overview of each operation, including purpose, API requests, and expected responses.\"), mdx(\"ol\", null, mdx(\"li\", {\n parentName: \"ol\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Search\"), \" group. The connector retrieves a list of groups based on search criteria. \")), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, \"Endpoint to get a specific Group by name is given below.\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"GET /api/groups/search?name=Developers \\n\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Sample JSON request\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"{\\n \\\"groups\\\": [\\n {\\n \\\"id\\\": \\\"101\\\",\\n \\\"groupName\\\": \\\"Developers\\\",\\n \\\"description\\\": \\\"Group for software development team\\\",\\n \\\"status\\\": \\\"Active\\\",\\n \\\"createdDate\\\": \\\"2023-02-10T12:00:00Z\\\",\\n \\\"members\\\": [\\n {\\n \\\"id\\\": \\\"201\\\",\\n \\\"username\\\": \\\"john.doe\\\",\\n \\\"firstName\\\": \\\"John\\\",\\n \\\"lastName\\\": \\\"Doe\\\",\\n \\\"email\\\": \\\"john.doe@example.com\\\"\\n },\\n {\\n \\\"id\\\": \\\"202\\\",\\n \\\"username\\\": \\\"jane.smith\\\",\\n \\\"firstName\\\": \\\"Jane\\\",\\n \\\"lastName\\\": \\\"Smith\\\",\\n \\\"email\\\": \\\"jane.smith@example.com\\\"\\n }\\n ]\\n }\\n ]\\n}\\n\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Responses\")), mdx(\"p\", null, \"\\u2705 200 SUCCESS \\u2013 Returns List of Groups Objects.\", mdx(\"br\", null), \"\\u274C 400 BAD REQUEST \\u2013 Invalid credentials or user status.\", mdx(\"br\", null), \"\\u274C 500 INTERNAL SERVER ERROR \\u2013 Unexpected error.\"), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, \"Endpoint to get \", mdx(\"strong\", {\n parentName: \"li\"\n }, \"all\"), \" Groups is as follows.\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"GET /api/groups\\n\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Sample JSON request\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"{\\n \\\"groups\\\": [\\n {\\n \\\"id\\\": \\\"101\\\",\\n \\\"groupName\\\": \\\"Developers\\\",\\n \\\"description\\\": \\\"Group for software development team\\\",\\n \\\"status\\\": \\\"Active\\\",\\n \\\"createdDate\\\": \\\"2023-02-10T12:00:00Z\\\",\\n \\\"members\\\": [\\n {\\n \\\"id\\\": \\\"201\\\",\\n \\\"username\\\": \\\"john.doe\\\",\\n \\\"firstName\\\": \\\"John\\\",\\n \\\"lastName\\\": \\\"Doe\\\",\\n \\\"email\\\": \\\"john.doe@example.com\\\"\\n },\\n {\\n \\\"id\\\": \\\"202\\\",\\n \\\"username\\\": \\\"jane.smith\\\",\\n \\\"firstName\\\": \\\"Jane\\\",\\n \\\"lastName\\\": \\\"Smith\\\",\\n \\\"email\\\": \\\"jane.smith@example.com\\\"\\n }\\n ]\\n },\\n {\\n \\\"id\\\": \\\"102\\\",\\n \\\"groupName\\\": \\\"DevOps Team\\\",\\n \\\"description\\\": \\\"Group for DevOps engineers\\\",\\n \\\"status\\\": \\\"Active\\\",\\n \\\"createdDate\\\": \\\"2023-03-15T14:30:00Z\\\",\\n \\\"members\\\": [\\n {\\n \\\"id\\\": \\\"203\\\",\\n \\\"username\\\": \\\"alex.johnson\\\",\\n \\\"firstName\\\": \\\"Alex\\\",\\n \\\"lastName\\\": \\\"Johnson\\\",\\n \\\"email\\\": \\\"alex.johnson@example.com\\\"\\n }\\n ]\\n },\\n {\\n \\\"id\\\": \\\"103\\\",\\n \\\"groupName\\\": \\\"HR Team\\\",\\n \\\"description\\\": \\\"Group for human resources\\\",\\n \\\"status\\\": \\\"Active\\\",\\n \\\"createdDate\\\": \\\"2023-04-05T10:20:00Z\\\",\\n \\\"members\\\": []\\n },\\n {\\n \\\"id\\\": \\\"104\\\",\\n \\\"groupName\\\": \\\"Finance\\\",\\n \\\"description\\\": \\\"Group for finance department\\\",\\n \\\"status\\\": \\\"Inactive\\\",\\n \\\"createdDate\\\": \\\"2023-01-20T09:15:00Z\\\",\\n \\\"members\\\": [\\n {\\n \\\"id\\\": \\\"204\\\",\\n \\\"username\\\": \\\"michael.brown\\\",\\n \\\"firstName\\\": \\\"Michael\\\",\\n \\\"lastName\\\": \\\"Brown\\\",\\n \\\"email\\\": \\\"michael.brown@example.com\\\"\\n }\\n ]\\n }\\n ]\\n}\\n\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Responses\")), mdx(\"p\", null, \"\\u2705 200 SUCCESS \\u2013 Returns list of Groups objects.\", mdx(\"br\", null), \"\\u274C 400 BAD REQUEST \\u2013 Invalid credentials or user status.\", mdx(\"br\", null), \"\\u274C 500 INTERNAL SERVER ERROR \\u2013 Unexpected error.\"), mdx(\"ol\", {\n \"start\": 2\n }, mdx(\"li\", {\n parentName: \"ol\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Save\"), \" Group. Here, connector creates groups based on provided information.\")), mdx(\"p\", null, \"Endpoint is as follows.\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"POST /api/groups\\n\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Sample JSON request\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"{\\n \\\"groupName\\\": \\\"Developers\\\",\\n \\\"description\\\": \\\"Group for software development team\\\",\\n \\\"status\\\": \\\"Active\\\",\\n \\\"roles\\\": [\\n {\\n \\\"operation\\\": \\\"ADD\\\",\\n \\\"name\\\": \\\"developer\\\",\\n \\\"startDate\\\": \\\"2023-01-01\\\",\\n \\\"endDate\\\": \\\"2023-12-31\\\",\\n \\\"description\\\": \\\"Access to development tools\\\"\\n }\\n ]\\n}\\n\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Responses\")), mdx(\"p\", null, \"\\u2705 200 SUCCESS \\u2013 Created successfully.\", mdx(\"br\", null), \"\\u274C 400 BAD REQUEST \\u2013 Invalid credentials or user status.\", mdx(\"br\", null), \"\\u274C 500 INTERNAL SERVER ERROR \\u2013 Unexpected error.\"), mdx(\"ol\", {\n \"start\": 3\n }, mdx(\"li\", {\n parentName: \"ol\"\n }, \"Remove Group. The Group Deletion API is used to remove an existing group from OpenIAM, ensuring proper deprovisioning and access management. Endpoint is given below.\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"DELETE /api/groups/{groupId}\\n\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Sample JSON request\")), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\"\n }, \"{\\n \\\"groupId\\\": \\\"101\\\"\\n}\\n\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Responses\")), mdx(\"p\", null, \"\\u2705 200 SUCCESS \\u2013 Group removed successfully.\", mdx(\"br\", null), \"\\u274C 400 BAD REQUEST \\u2013 Invalid credentials or user status.\", mdx(\"br\", null), \"\\u274C 500 INTERNAL SERVER ERROR \\u2013 Unexpected error.\"), mdx(\"h2\", null, \"Script development for Groovy Script Connector\"), mdx(\"h3\", null, \"Overview\"), mdx(\"p\", null, \"This section provides guidance on developing Groovy scripts for the OpenIAM Groovy Script Connector. These scripts enable the integration of custom logic for managing user lifecycle operations.\"), mdx(\"div\", {\n style: {\n \"border\": \"1px solid #169998\",\n \"marginTop\": \"15px\",\n \"marginBottom\": \"15px\",\n \"paddingTop\": \"10px\",\n \"paddingBottom\": \"10px\",\n \"paddingLeft\": \"5px\",\n \"paddingRight\": \"5px\"\n }\n }, mdx(\"span\", {\n style: {\n \"color\": \"#169998\",\n \"fontWeight\": \"bold\"\n }\n }, \"Note:\"), \" The provided code samples are for reference only and should be modified to meet specific implementation requirements. Since the Groovy Script Connector caches scripts on startup, any changes require a connector service restart for them to take effect.\"), mdx(\"h4\", null, \"Accessing OpenIAM connector repository\"), mdx(\"p\", null, \"For more details, visit the \", mdx(\"a\", {\n parentName: \"p\",\n \"href\": \"https://bitbucket.org/openiam/connector/src/test_run/\"\n }, \"OpenIAM Connector Repository\"), \", an open-source resource for developing and writing connector scripts.\"), mdx(\"h3\", null, \"Handlers/Object rules in OpenIAM Groovy Script Connectors\"), mdx(\"p\", null, \"Handlers in OpenIAM Groovy script connectors store the absolute path to the Groovy script responsible for key operations throughout the user lifecycle. Typically, each handler is associated with its own Groovy script. However, in some cases, multiple handlers may share a single script, especially in the following scenario:\"), mdx(\"p\", null, \"Example of Handler reusability:\"), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"ADD\"), \" and \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"MODIFY\"), \" Handlers. \"), mdx(\"p\", null, \"These handlers can utilize a single Groovy script to handle \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"Create, Read, Update,\"), \" and \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"Delete\"), \" (CRUD) operations. The general structure of the script is as follows.\"), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, \"It first checks the target system to determine if the user already exists.\", mdx(\"ul\", {\n parentName: \"li\"\n }, mdx(\"li\", {\n parentName: \"ul\"\n }, \"If the user does not exist, the script proceeds with user creation.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"If the user exists, the script either modifies or deletes the user based on the request parameters.\")))), mdx(\"p\", null, \"This approach consolidates the logic into a single script, reducing redundancy and simplifying maintenance.\"), mdx(\"p\", null, \"Common Handlers/Object rules.\"), mdx(\"ol\", null, mdx(\"li\", {\n parentName: \"ol\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Test Connection Handler\"), \".\")), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, \"Managed System page: Referred to as the Test Connection Object Rule.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"Purpose: This handler is responsible for checking the health of the connection between OpenIAM and the target system. It ensures that the communication between the two systems is functional.\")), mdx(\"ol\", {\n \"start\": 2\n }, mdx(\"li\", {\n parentName: \"ol\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Search Operation Handler\"), \".\")), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, \"Managed System page: Referred to as the Search Object Rule.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"Purpose: This handler is responsible for retrieving user details from the target system. It executes a search query based on the request parameters and returns the relevant user data.\")), mdx(\"ol\", {\n \"start\": 3\n }, mdx(\"li\", {\n parentName: \"ol\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Add/Modify Handler\"), \".\")), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, \"Managed System Configuration Page: Referred to as the Add Object Rule and Modify Object Rule.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"Purpose: This handler is responsible for adding or modifying user records in the target system based on the request. It can handle both user creation and modification actions depending on whether the user already exists in the target system.\")), mdx(\"h3\", null, \"Required libraries\"), mdx(\"p\", null, \"The following libraries are required to ensure smooth operation of the scripts and API communication:\"), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Jackson Library\"), \": Used for JSON parsing and serialization.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Apache HTTP Components\"), \": Handles HTTP requests and responses.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Apache Commons Logging\"), \": Provides logging support for tracking script execution.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"OpenIAM API Connector Classes\"), \": Supports provisioning and metadata handling.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Spring Framework\"), \": Manages dependency injection and provides the application context.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Java Collections\"), \": Utilized for handling lists, maps, and other collections.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Apache Commons Collections\"), \": Provides utility methods for collection operations, making it easier to work with complex data structures.\")), mdx(\"p\", null, \"These components work together to ensure efficient API communication, response processing, and the overall execution of the Groovy script.\"), mdx(\"div\", {\n style: {\n \"border\": \"1px solid #169998\",\n \"marginTop\": \"15px\",\n \"marginBottom\": \"15px\",\n \"paddingTop\": \"10px\",\n \"paddingBottom\": \"10px\",\n \"paddingLeft\": \"5px\",\n \"paddingRight\": \"5px\"\n }\n }, mdx(\"span\", {\n style: {\n \"color\": \"#169998\",\n \"fontWeight\": \"bold\"\n }\n }, \"Troubleshooting notes:\"), \" Occasionally, you may encounter an error while saving a Groovy script due to certain packages requiring explicit whitelisting. To resolve this issue, refer to the following documentation for details on \", mdx(\"a\", {\n href: \"https://docs.openiam.com/docs-4.2.1.12/developerguide/3-whitelisting\"\n }, \"whitelisting packages\"), \".\"), mdx(\"div\", {\n style: {\n \"border\": \"1px solid #169998\",\n \"marginTop\": \"15px\",\n \"marginBottom\": \"15px\",\n \"paddingTop\": \"10px\",\n \"paddingBottom\": \"10px\",\n \"paddingLeft\": \"5px\",\n \"paddingRight\": \"5px\"\n }\n }, mdx(\"span\", {\n style: {\n \"color\": \"#169998\",\n \"fontWeight\": \"bold\"\n }\n }, \" Note:\"), \" The same handlers used for user operations will also be utilized for group operations. However, the scripts for group operations will differ as they extend separate base classes. Both scripts should be separated by a \", mdx(\"span\", {\n style: {\n \"fontWeight\": \"bold\"\n }\n }, \";\"), \" in the object rule value.\"), mdx(\"p\", null, \"Follow \", mdx(\"a\", {\n parentName: \"p\",\n \"href\": \"https://bitbucket.org/openiam/connector/src/test_run/conf/iamscripts/dev/group/\"\n }, \"this link\"), \" to check example group scripts Group Scripts. \"), mdx(\"p\", null, \"Example:\"), mdx(\"p\", null, mdx(\"img\", {\n parentName: \"p\",\n \"src\": \"img/script/scriptConnector-09-group-example.png\",\n \"alt\": \"Group example\"\n })), mdx(\"h4\", null, \"Implementing the Test connection handler\"), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Purpose\"), \": The Test Connection Handler verifies the connectivity between OpenIAM and the target system. If the system does not support a test connection, the script can return a success response without performing an actual connection check.\"), mdx(\"p\", null, \"Here is a flowchart representation of the Test Connection Handler.\"), mdx(\"p\", null, mdx(\"img\", {\n parentName: \"p\",\n \"src\": \"img/script/scriptConnector-04-test-connection-handler-flow-diagram.png\",\n \"alt\": \"Test connection handler flow diagram\"\n })), mdx(\"p\", null, \"Example Test connection script can be found \", mdx(\"a\", {\n parentName: \"p\",\n \"href\": \"https://bitbucket.org/openiam/connector/src/test_run/conf/iamscripts/dev/sample_api/TestConnectionScriptConnector.groovy\"\n }, \"here\"), \".\"), mdx(\"h4\", null, \"Implementing the Search operation handler\"), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Purpose\"), \": The Search Operation Handler transforms external API responses (JSON format) into OpenIAM-compatible connector objects. OpenIAM utilizes this response for synchronization operations.\"), mdx(\"p\", null, mdx(\"img\", {\n parentName: \"p\",\n \"src\": \"img/script/scriptConnector-05-search-operation-handler-flow-diagram.png\",\n \"alt\": \"Search operation handler\"\n })), mdx(\"p\", null, \"Example Search operation script can be found \", mdx(\"a\", {\n parentName: \"p\",\n \"href\": \"https://bitbucket.org/openiam/connector/src/test_run/conf/iamscripts/dev/sample_api/SearchAPICallScriptConnector.groovy\"\n }, \"here\"), \".\"), mdx(\"h4\", null, \"Implementing CRUD operation handlers (ADD/MODIFY handlers)\"), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Purpose\"), \": The CRUD Operation Handler manages saving, updating, and deleting users based on the policy map configured in the managed system.\"), mdx(\"p\", null, mdx(\"img\", {\n parentName: \"p\",\n \"src\": \"img/script/scriptConnector-06-CRUD-operation-handler-flow-diagram.png\",\n \"alt\": \"CRUD operation handler\"\n })), mdx(\"p\", null, \"Example Save operation script can be found \", mdx(\"a\", {\n parentName: \"p\",\n \"href\": \"https://bitbucket.org/openiam/connector/src/test_run/conf/iamscripts/dev/sample_api/SaveAPICallUserScriptConnector.groovy\"\n }, \"here\"), \".\"), mdx(\"h3\", null, \"Deployment of Groovy Script connector\"), mdx(\"p\", null, \"This section focuses on the deployment of the Groovy Script Connector. The connector can be deployed as either a local or remote connector.\"), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Local connectors\"), \" are deployed on the same machine where OpenIAM is installed.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Remote connectors\"), \" are deployed on a remote machine and communicate with OpenIAM through a specified RabbitMQ queue, which is configured in the \", mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"application.properties\"), \" file during deployment.\")), mdx(\"h4\", null, \"Key considerations for deploying a remote connector\"), mdx(\"ol\", null, mdx(\"li\", {\n parentName: \"ol\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Vault communication\"), \". \", mdx(\"ul\", {\n parentName: \"li\"\n }, mdx(\"li\", {\n parentName: \"ul\"\n }, \"The remote connector must communicate with Vault, a critical component for managing passwords, to retrieve RabbitMQ credentials.\"))), mdx(\"li\", {\n parentName: \"ol\"\n }, mdx(\"strong\", {\n parentName: \"li\"\n }, \"Handling Vault unavailability\"), \".\", mdx(\"ul\", {\n parentName: \"li\"\n }, mdx(\"li\", {\n parentName: \"ul\"\n }, \"If the remote server cannot reach Vault, RabbitMQ credentials can be supplied directly in the \", mdx(\"inlineCode\", {\n parentName: \"li\"\n }, \"application.properties\"), \" file.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"Any encryption strategy can be used to securely store these credentials, preventing direct exposure.\")))), mdx(\"h3\", null, \"Registering a connector with OpenIAM\"), mdx(\"p\", null, \"To register a connector in OpenIAM, ensure that it is correctly linked to the connector queue, which can be viewed and configured under. Go to webconsole > \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"Provisioning\"), \" > \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"Connectors\"), \", then select and edit the desired connector.\"), mdx(\"p\", null, mdx(\"img\", {\n parentName: \"p\",\n \"src\": \"img/script/scriptConnector-07-registering-connector.png\",\n \"alt\": \"Registering a connector\"\n })), mdx(\"h4\", null, \"Detailed deployment strategies\"), mdx(\"p\", null, \"For a comprehensive guide on deploying the connector using different strategies, refer to the following documentation:\"), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"a\", {\n parentName: \"li\",\n \"href\": \"../getting-started/4-application-onboarding/1-connect/2-rpm\"\n }, \"Deploying Connectors via RPM\"), \".\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"a\", {\n parentName: \"li\",\n \"href\": \"../getting-started/4-application-onboarding/1-connect/3-docker\"\n }, \"Deploying Connectors via Docker\"), \".\"), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"a\", {\n parentName: \"li\",\n \"href\": \"../getting-started/4-application-onboarding/1-connect/4-k8\"\n }, \"Deploying Connectors via Kubernetes\"), \".\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Can a single Groovy Script Connector be used for multiple target applications or Managed Systems?\")), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Answer\"), \": Yes, a single Groovy Script Connector can be used for more than one target application or managed system.\"), mdx(\"p\", null, mdx(\"strong\", {\n parentName: \"p\"\n }, \"Example\")), mdx(\"p\", null, \"Consider two different applications that operate on the same principles and have a similar API structure (if they are REST API-based systems) or a similar database schema (but with different database names).\"), mdx(\"p\", null, \"In such cases\"), mdx(\"ul\", null, mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"p\", {\n parentName: \"li\"\n }, \"We can create two managed systems in OpenIAM that utilize the same handlers for performing tasks like:\"), mdx(\"ul\", {\n parentName: \"li\"\n }, mdx(\"li\", {\n parentName: \"ul\"\n }, \"Test connection.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"Search operations.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"Saving user information.\"))), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"p\", {\n parentName: \"li\"\n }, \"The differentiation between the managed systems occurs through:\"), mdx(\"ul\", {\n parentName: \"li\"\n }, mdx(\"li\", {\n parentName: \"ul\"\n }, \"API Endpoints or Database Names. These values are provided to the handlers dynamically.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"Managed System configuration. Custom attributes can be defined within each managed system configuration to specify the unique API endpoints or database names.\"))), mdx(\"li\", {\n parentName: \"ul\"\n }, mdx(\"p\", {\n parentName: \"li\"\n }, \"Extracting Custom Attributes in Handlers. \"), mdx(\"ul\", {\n parentName: \"li\"\n }, mdx(\"li\", {\n parentName: \"ul\"\n }, \"During execution, the handler can retrieve the relevant custom attributes from the calling managed system.\"), mdx(\"li\", {\n parentName: \"ul\"\n }, \"This allows the same connector logic to be reused across multiple applications while maintaining flexibility.\")))), mdx(\"p\", null, \"By leveraging this approach, reusability and manageability are significantly improved, reducing redundancy and simplifying maintenance.\"), mdx(\"p\", null, mdx(\"img\", {\n parentName: \"p\",\n \"src\": \"img/script/scriptConnector-08-oneconnector-twomanagedsystems.png\",\n \"alt\": \"One connector for two Managed Systems\"\n })));\n}\n;\nMDXContent.isMDXComponent = true;","tableOfContents":{"items":[{"url":"#real-life-example","title":"Real-life example"},{"url":"#essential-preparations-for-implementation-using-rest-apis","title":"Essential preparations for implementation (using REST APIs)"},{"url":"#configuring-openiam","title":"Configuring OpenIAM","items":[{"url":"#important-considerations","title":"Important considerations"}]},{"url":"#configuring-managed-system","title":"Configuring Managed System"},{"url":"#integrating-with-the-script-connector-using-rest-apis","title":"Integrating with the Script Connector (using REST APIs)","items":[{"url":"#user-lifecycle-operations-in-openiam","title":"User lifecycle operations in OpenIAM"},{"url":"#security-best-practices-for-api-integration","title":"Security best practices for API integration"},{"url":"#api-operations","title":"API operations"},{"url":"#groups-management-using-openiam-groovy-script-connector","title":"Groups management using OpenIAM Groovy Script connector"}]},{"url":"#script-development-for-groovy-script-connector","title":"Script development for Groovy Script Connector","items":[{"url":"#overview","title":"Overview","items":[{"url":"#accessing-openiam-connector-repository","title":"Accessing OpenIAM connector repository"}]},{"url":"#handlersobject-rules-in-openiam-groovy-script-connectors","title":"Handlers/Object rules in OpenIAM Groovy Script Connectors"},{"url":"#required-libraries","title":"Required libraries","items":[{"url":"#implementing-the-test-connection-handler","title":"Implementing the Test connection handler"},{"url":"#implementing-the-search-operation-handler","title":"Implementing the Search operation handler"},{"url":"#implementing-crud-operation-handlers-addmodify-handlers","title":"Implementing CRUD operation handlers (ADD/MODIFY handlers)"}]},{"url":"#deployment-of-groovy-script-connector","title":"Deployment of Groovy Script connector","items":[{"url":"#key-considerations-for-deploying-a-remote-connector","title":"Key considerations for deploying a remote connector"}]},{"url":"#registering-a-connector-with-openiam","title":"Registering a connector with OpenIAM","items":[{"url":"#detailed-deployment-strategies","title":"Detailed deployment strategies"}]}]}]},"parent":{"relativePath":"connectorconfig/scriptConnector/GroovyScriptConnector.md"},"frontmatter":{"metaTitle":"Configuring Groovy Script connector","metaDescription":"This page describes how to configure and use flexible groovy script connector"}},"allMdx":{"edges":[{"node":{"fields":{"slug":"/changelog","title":"Change log"}}},{"node":{"fields":{"slug":"/appendix","title":"Appendix"}}},{"node":{"fields":{"slug":"/connectorconfig","title":"IdM Connectors"}}},{"node":{"fields":{"slug":"/admin","title":"Administration guide"}}},{"node":{"fields":{"slug":"/developerguide","title":"Developer Guide"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice","title":"End user guide for SelfService portal"}}},{"node":{"fields":{"slug":"/getting-started","title":"Getting Started"}}},{"node":{"fields":{"slug":"/troubleshooting","title":"FAQ / Troubleshooting"}}},{"node":{"fields":{"slug":"/whatsnew","title":"What's new in OpenIAM"}}},{"node":{"fields":{"slug":"/ssocatalog","title":"SSO Catalog"}}},{"node":{"fields":{"slug":"/admin/0-login","title":"Logging in to the admin portal"}}},{"node":{"fields":{"slug":"/admin/1-exportimport","title":"Import / Export"}}},{"node":{"fields":{"slug":"/","title":"Welcome to the OpenIAM Documentation"}}},{"node":{"fields":{"slug":"/installation","title":"Installing OpenIAM"}}},{"node":{"fields":{"slug":"/admin/1-usradmin","title":"User administration"}}},{"node":{"fields":{"slug":"/admin/12-administration","title":"Administration"}}},{"node":{"fields":{"slug":"/admin/10-consent-management","title":"Consent management"}}},{"node":{"fields":{"slug":"/admin/10-password","title":"Password policy"}}},{"node":{"fields":{"slug":"/admin/13-selfregistration","title":"Self-registration"}}},{"node":{"fields":{"slug":"/admin/15-audit","title":"Audit"}}},{"node":{"fields":{"slug":"/admin/14-Help.Desk.User.Profile.Protection","title":"HelpDesk profile protection"}}},{"node":{"fields":{"slug":"/admin/16-admin-pswd-change","title":"Password reset for administrator's account"}}},{"node":{"fields":{"slug":"/admin/18-services-passwd-change-k8","title":"Password update for OpenIAM services in Kubernetes"}}},{"node":{"fields":{"slug":"/admin/2-authentication","title":"Authentication"}}},{"node":{"fields":{"slug":"/admin/19-reports","title":"OpenIAM report services"}}},{"node":{"fields":{"slug":"/admin/21-graph-rebuild","title":"Rebuilding OpenIAM's in-memory authorization graph"}}},{"node":{"fields":{"slug":"/admin/3-authz","title":"Managing access"}}},{"node":{"fields":{"slug":"/admin/4-app-onboarding","title":"Application onboarding"}}},{"node":{"fields":{"slug":"/admin/20-virtual-tentant-by-org","title":"Enabling a virtual tenant by organization"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov","title":"Requests / Approval"}}},{"node":{"fields":{"slug":"/admin/22-token-session-util","title":"Session management utility for RPM"}}},{"node":{"fields":{"slug":"/admin/7-access-cert","title":"User access review"}}},{"node":{"fields":{"slug":"/admin/8-sso","title":"Federation / SSO to applications"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle","title":"Automated provisioning"}}},{"node":{"fields":{"slug":"/changelog/13-Release-4.2.1.7","title":"Release 4.2.1.7"}}},{"node":{"fields":{"slug":"/changelog/14-Release-4.2.1.8","title":"Release 4.2.1.8"}}},{"node":{"fields":{"slug":"/changelog/12-Release-4.2.1.6","title":"Release 4.2.1.6"}}},{"node":{"fields":{"slug":"/changelog/11-Release-4.2.1.5","title":"Release 4.2.1.5"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy","title":"Access gateway"}}},{"node":{"fields":{"slug":"/changelog/16-Release-4.2.1.10","title":"Release 4.2.1.10"}}},{"node":{"fields":{"slug":"/changelog/15-Release-4.2.1.9","title":"Release 4.2.1.9"}}},{"node":{"fields":{"slug":"/changelog/17-Release-4.2.1.11","title":"Release 4.2.1.11"}}},{"node":{"fields":{"slug":"/changelog/18-Release-4.2.1.12","title":"Release 4.2.1.12"}}},{"node":{"fields":{"slug":"/changelog/19-Release-4.2.1.13","title":"Release 4.2.1.13"}}},{"node":{"fields":{"slug":"/changelog/20-Release-4.2.1.14","title":"Release 4.2.1.14"}}},{"node":{"fields":{"slug":"/changelog/22-v2026.1.1","title":"Changelog for v2026.1.1"}}},{"node":{"fields":{"slug":"/appendix/1-self-signedcert","title":"Generate Self-signed Cert"}}},{"node":{"fields":{"slug":"/appendix/2-openssl","title":"Install OpenSSL"}}},{"node":{"fields":{"slug":"/changelog/23-v2026.5.2","title":"Changelog for v2026.5.2"}}},{"node":{"fields":{"slug":"/changelog/21-Release-4.2.1.15","title":"Release 4.2.1.15"}}},{"node":{"fields":{"slug":"/appendix/3-installopenldap","title":"Install OpenLDAP on Ubuntu"}}},{"node":{"fields":{"slug":"/connectorconfig/2-configparam","title":"Connector parameters"}}},{"node":{"fields":{"slug":"/connectorconfig/4-troubleshootingconnector","title":"Provisioning operations troubleshooting"}}},{"node":{"fields":{"slug":"/connectorconfig/JDBC","title":"JDBC connector"}}},{"node":{"fields":{"slug":"/connectorconfig/LDAP","title":"LDAP connector"}}},{"node":{"fields":{"slug":"/connectorconfig/SAPUME","title":"SAP UME connector"}}},{"node":{"fields":{"slug":"/connectorconfig/adp","title":"ADP connector"}}},{"node":{"fields":{"slug":"/appendix/4-prepforprod","title":"Prepare for Production"}}},{"node":{"fields":{"slug":"/connectorconfig/aerospike","title":"Aerospike connector"}}},{"node":{"fields":{"slug":"/connectorconfig/freeIPA","title":"FreeIPA connector"}}},{"node":{"fields":{"slug":"/connectorconfig/gsuite","title":"GSuite connector"}}},{"node":{"fields":{"slug":"/connectorconfig/linux","title":"Linux connector"}}},{"node":{"fields":{"slug":"/connectorconfig/aws","title":"AWS connector"}}},{"node":{"fields":{"slug":"/connectorconfig/oracle","title":"Oracle RDBMS connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft","title":"Microsoft Application Connectors"}}},{"node":{"fields":{"slug":"/connectorconfig/oracleebs","title":"Oracle EBS connector"}}},{"node":{"fields":{"slug":"/connectorconfig/postgresql","title":"PostgreSQL connector"}}},{"node":{"fields":{"slug":"/admin/17-services-manual-passwd-change","title":"Manual password update for OpenIAM services in RPM"}}},{"node":{"fields":{"slug":"/connectorconfig/sap","title":"SAP S/4 Hana connector"}}},{"node":{"fields":{"slug":"/connectorconfig/scriptConnector","title":"Groovy Script connector"}}},{"node":{"fields":{"slug":"/connectorconfig/salesforce","title":"Salesforce.com connector"}}},{"node":{"fields":{"slug":"/connectorconfig/tableau","title":"Tableau connector"}}},{"node":{"fields":{"slug":"/connectorconfig/scim","title":"SCIM connector"}}},{"node":{"fields":{"slug":"/connectorconfig/workday","title":"Workday connector"}}},{"node":{"fields":{"slug":"/developerguide/1-custom-css","title":"Customizing branding"}}},{"node":{"fields":{"slug":"/developerguide/10-OpenIAM-opensource-rep","title":"OpenIAM open source repository"}}},{"node":{"fields":{"slug":"/developerguide/11-groovy-scripts","title":"Groovy Script Management"}}},{"node":{"fields":{"slug":"/developerguide/2-api","title":"RESTful API"}}},{"node":{"fields":{"slug":"/developerguide/3-whitelisting","title":"Whitelisting packages"}}},{"node":{"fields":{"slug":"/developerguide/6-ide","title":"Script development using an IDE"}}},{"node":{"fields":{"slug":"/developerguide/5-datamodel","title":"Data model"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization","title":"Synchronization Scripts"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/1-login","title":"Logging in to SelfService portal"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice","title":"Operations via SelfService portal"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest","title":"Request management"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/6-singlesignon","title":"Single sign-on"}}},{"node":{"fields":{"slug":"/developerguide/4-scheduledtasks","title":"Batch/Scheduled tasks"}}},{"node":{"fields":{"slug":"/getting-started/1-what_is_openiam","title":"What is OpenIAM?"}}},{"node":{"fields":{"slug":"/getting-started/2-productarchitecture","title":"Platform architecture"}}},{"node":{"fields":{"slug":"/getting-started/3-install_openiam","title":"Installing OpenIAM"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/7-useraccess","title":"User access rights"}}},{"node":{"fields":{"slug":"/getting-started/21-concepts","title":"Concepts"}}},{"node":{"fields":{"slug":"/getting-started/5-connecting","title":"Connecting to an authoritative source"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding","title":"Application onboarding"}}},{"node":{"fields":{"slug":"/getting-started/31-planning-workforce","title":"Discovery questions"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning","title":"Automated user provisioning"}}},{"node":{"fields":{"slug":"/getting-started/8-openiam-with-IdP","title":"Integrating OpenIAM with your IdP"}}},{"node":{"fields":{"slug":"/getting-started/99-multifactor-authentication","title":"Configuring multi-factor authentication"}}},{"node":{"fields":{"slug":"/getting-started/9-openiam-as-IdP","title":"Integrating OpenIAM as your IdP"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation","title":"Deploying to Kubernetes"}}},{"node":{"fields":{"slug":"/getting-started/7-selfservice-pswd","title":"SelfService password reset"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation","title":"Deploying on OpenShift"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation","title":"Deploying via RPM on Linux"}}},{"node":{"fields":{"slug":"/installation/8-sizing","title":"Sizing recommendations"}}},{"node":{"fields":{"slug":"/installation/9-data_migration","title":"OpenIAM data migration"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation","title":"Deploying via Docker"}}},{"node":{"fields":{"slug":"/installation/9-miscellaneous","title":"Miscellaneous related articles"}}},{"node":{"fields":{"slug":"/ssocatalog/AWS","title":"AWS SSO"}}},{"node":{"fields":{"slug":"/ssocatalog/Freshdesk","title":"Freshdesk SSO"}}},{"node":{"fields":{"slug":"/ssocatalog/Gsuite","title":"GSuite SSO"}}},{"node":{"fields":{"slug":"/ssocatalog/Azure","title":"Azure SSO"}}},{"node":{"fields":{"slug":"/ssocatalog/Salesforce","title":"Salesforce.com"}}},{"node":{"fields":{"slug":"/ssocatalog/okta","title":"Okta SSO"}}},{"node":{"fields":{"slug":"/ssocatalog/Office365","title":"Office365 SSO"}}},{"node":{"fields":{"slug":"/troubleshooting/cluster","title":"Cluster"}}},{"node":{"fields":{"slug":"/troubleshooting/environment","title":"Environment"}}},{"node":{"fields":{"slug":"/troubleshooting/docker","title":"Docker Swarm"}}},{"node":{"fields":{"slug":"/troubleshooting/connectors","title":"Connectors"}}},{"node":{"fields":{"slug":"/troubleshooting/operational","title":"Operational"}}},{"node":{"fields":{"slug":"/troubleshooting/rpm","title":"RPM"}}},{"node":{"fields":{"slug":"/whatsnew/1-v420","title":"New in v4.2.0.0"}}},{"node":{"fields":{"slug":"/troubleshooting/v3_update","title":"Update from V3.X to V4.X"}}},{"node":{"fields":{"slug":"/whatsnew/10-v4218","title":"New in v4.2.1.8"}}},{"node":{"fields":{"slug":"/whatsnew/11-v4219","title":"New in v4.2.1.9"}}},{"node":{"fields":{"slug":"/whatsnew/14-v42112","title":"New in v4.2.1.12"}}},{"node":{"fields":{"slug":"/whatsnew/15-v42113","title":"New in v4.2.1.13"}}},{"node":{"fields":{"slug":"/whatsnew/16-v42115","title":"New in v4.2.1.15"}}},{"node":{"fields":{"slug":"/whatsnew/16-v422","title":"New in v4.2.2"}}},{"node":{"fields":{"slug":"/whatsnew/13-v42111","title":"New in v4.2.1.11"}}},{"node":{"fields":{"slug":"/whatsnew/17-v2026.1.1","title":"New in v2026.1.1"}}},{"node":{"fields":{"slug":"/whatsnew/18-v2026.3.1","title":"New in v2026.3.1"}}},{"node":{"fields":{"slug":"/whatsnew/12-v42110","title":"New in v4.2.1.10"}}},{"node":{"fields":{"slug":"/whatsnew/18-v2026.2.1","title":"New in v2026.2.1"}}},{"node":{"fields":{"slug":"/whatsnew/19-v2026.3.2","title":"New in v2026.3.2"}}},{"node":{"fields":{"slug":"/whatsnew/20-v2026.3.3","title":"New in 2026.3.3"}}},{"node":{"fields":{"slug":"/whatsnew/21-v2026.4.2","title":"New in v2026.4.2"}}},{"node":{"fields":{"slug":"/whatsnew/20-v2026.4.1","title":"New in v2026.4.1"}}},{"node":{"fields":{"slug":"/whatsnew/22-v2026.5.2","title":"New in v2026.5.2"}}},{"node":{"fields":{"slug":"/whatsnew/8-v4216","title":"New in v4.2.1.6"}}},{"node":{"fields":{"slug":"/whatsnew/9-v4217","title":"New in v4.2.1.7"}}},{"node":{"fields":{"slug":"/whatsnew/7-v4215","title":"New in v4.2.1.5"}}},{"node":{"fields":{"slug":"/connectorconfig/rexx","title":"Rexx connector"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/10-bulkoperations","title":"Bulk operations"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/1-createuser","title":"Creating a user"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/11-bulkentitlements","title":"Bulk operations with entitlements"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/13-unlock-account","title":"Unlocking an account"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/14-add-remove-entitlements","title":"Adding/Removing entitlements"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/15-rehireuserflow","title":"Rehire user flow"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/12-externaldelegation","title":"Organization level delegation"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/16-user-conversion","title":"User conversion"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/17-newhireworkflow","title":"New hire workflow configuration"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/18-creating-new-dept-division","title":"Creating a new department or division"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/3-adminoperations","title":"Administrative actions on a User"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/4-pageconfiguration","title":"Configuring page templates"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/2-usertypes","title":"Custom user types"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/5-finduser","title":"User search"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/8-serviceaccounts","title":"Service accounts"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/7-customfields","title":"Custom fields"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/9-orphanmanagement","title":"Orphan management"}}},{"node":{"fields":{"slug":"/admin/10-password/1-pswd-compromised","title":"Password breach detection"}}},{"node":{"fields":{"slug":"/admin/12-administration/3-squence-generator","title":"Sequence generators"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/6-relatedAccount","title":"Related accounts"}}},{"node":{"fields":{"slug":"/admin/12-administration/4-otpconfig","title":"Configure OTP Provider"}}},{"node":{"fields":{"slug":"/admin/12-administration/6-languages","title":"Managing languages"}}},{"node":{"fields":{"slug":"/admin/12-administration/5-links","title":"External links on login page"}}},{"node":{"fields":{"slug":"/admin/12-administration/7-reconciliationhistory","title":"Reconciliation history"}}},{"node":{"fields":{"slug":"/admin/12-administration/8-aboutopenIAM-page","title":"About OpenIAM Page"}}},{"node":{"fields":{"slug":"/admin/12-administration/9-reindex_elasticsearch","title":"Reindex Opensearch"}}},{"node":{"fields":{"slug":"/admin/15-audit/2-audit-log-export-connector","title":"Audit log export connector"}}},{"node":{"fields":{"slug":"/admin/12-administration/99-heartbeat","title":"Heartbeat links"}}},{"node":{"fields":{"slug":"/admin/2-authentication/1-auth-overview","title":"Configuring authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/11-credentialprovider","title":"Credential provider"}}},{"node":{"fields":{"slug":"/admin/2-authentication/10-fidologin","title":"FIDO-2 authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/13-criiptoauth","title":"Criipto authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/12-account-unlock","title":"Setting up account unlock"}}},{"node":{"fields":{"slug":"/admin/15-audit/1-audit-events-interpret","title":"Audit events interpretation"}}},{"node":{"fields":{"slug":"/admin/2-authentication/14-duo-auth","title":"Duo authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/15-modernauth","title":"Microsoft Modern authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/12-certificateauth","title":"Configuring certificate-based authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/16-external-multiselect-auth","title":"External/multiselect authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/2-auth-policy","title":"Authentication policy"}}},{"node":{"fields":{"slug":"/admin/2-authentication/2-delegatedauth","title":"Managed System authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/21-dashboards","title":"Monitoring dashboards"}}},{"node":{"fields":{"slug":"/admin/2-authentication/3-passwordauth","title":"Password-based authentication"}}},{"node":{"fields":{"slug":"/admin/2-authentication/9-adaptiveauth","title":"Adaptive authentication"}}},{"node":{"fields":{"slug":"/admin/3-authz/1-overview","title":"Introduction to access control"}}},{"node":{"fields":{"slug":"/admin/2-authentication/7-otp","title":"OTP over SMS or E-mail"}}},{"node":{"fields":{"slug":"/admin/3-authz/14-menus","title":"Menus"}}},{"node":{"fields":{"slug":"/admin/3-authz/10-accessright","title":"Access rights"}}},{"node":{"fields":{"slug":"/admin/2-authentication/8-social","title":"Social authentication"}}},{"node":{"fields":{"slug":"/admin/3-authz/11-contentprovider","title":"Content provider"}}},{"node":{"fields":{"slug":"/admin/3-authz/3-groups","title":"Managing groups"}}},{"node":{"fields":{"slug":"/admin/3-authz/4-types","title":"Metadata types"}}},{"node":{"fields":{"slug":"/admin/3-authz/3-conflict-groups","title":"Conflict Groups"}}},{"node":{"fields":{"slug":"/admin/3-authz/5-resources","title":"Managing resources"}}},{"node":{"fields":{"slug":"/admin/3-authz/8-accesstossoapps","title":"Access to SSO applications"}}},{"node":{"fields":{"slug":"/admin/3-authz/6-organization","title":"Managing organizations"}}},{"node":{"fields":{"slug":"/admin/3-authz/9-approvalflow","title":"Configuring approval workflows"}}},{"node":{"fields":{"slug":"/admin/3-authz/2-roles","title":"Managing roles"}}},{"node":{"fields":{"slug":"/admin/4-app-onboarding/1-Automated-applications","title":"Connected applications"}}},{"node":{"fields":{"slug":"/admin/4-app-onboarding/2-Manual-applications","title":"Manual applications"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/10-managedsystemsimulation","title":"Managed system simulation mode"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/11-provisioning-config","title":"Configure Provisioning"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/12-LDAP-managedsys-config","title":"LDAP Managed system configuration"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/2-incrementalsynch","title":"Incremental synchronization"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/3-recon","title":"Configure reconciliation"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/6-managedsystem-config","title":"Managed system configuration"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/4-birthright","title":"Birthright access"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/5-recon-groovy","title":"Groovy Scripts for Reconciliation"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/8-importentitlements","title":"Import entitlements"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/9-importorganization","title":"Import Organizations"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/1-synch","title":"Configuring synchronization"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov/1-application-category","title":"Application categories"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov/2-approval-flow","title":"Approval flow"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov/5-approve-by-email","title":"Approving requests via Email"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov/3-manualTasks","title":"Manual tasks"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov/4-post-request","title":"After request has been approved"}}},{"node":{"fields":{"slug":"/admin/6-requestapprov/7-questionnaire","title":"Questionnaire"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/1-entitlmentcert","title":"Entitlement based certification"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/11-campaign-dashboard","title":"Campaign dashboard"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/2-risk-event-driven-cert","title":"Risk event driven certification"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/3-certification-reporting","title":"Certification reporting"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/2-risk-factor-config","title":"Risk factors configuration"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/5-delete-campaign","title":"Deleting an access certification campaign"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/10-mitigation-controls","title":"Mitigation controls for SoD"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/4-membership-tags","title":"Membership tags"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/6-campaign-database","title":"Access certification campaigns as database objects"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/7-expiration-policy","title":"Expiration policy"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/2-usercert","title":"User based review"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/9-segregation-of-duties","title":"Segregation of Duties (SoD) policies"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/thesaurus","title":"Access Certification Thesaurus"}}},{"node":{"fields":{"slug":"/admin/7-access-cert/8-multiple-reviwer-campaigns","title":"Multi-reviewer user access review campaigns"}}},{"node":{"fields":{"slug":"/admin/8-sso/2-oauth2","title":"oAuth 2.0"}}},{"node":{"fields":{"slug":"/admin/8-sso/1-saml","title":"Add SAML SP to OpenIAM"}}},{"node":{"fields":{"slug":"/admin/8-sso/3-oidc","title":"OpenID Connect"}}},{"node":{"fields":{"slug":"/admin/8-sso/5-auth_scopes","title":"OpenIAM oAuth scopes"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/2-headerinj","title":"Header Injection"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/3-urlrewriting","title":"URL Rewriting"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/6-example","title":"Examples"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/7-rProxy-loadbalancer","title":"Reverse Proxy with Load Balancer"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/8-kerberos","title":"Setting up Kerberos via rProxy"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/1-formfill","title":"Form Fill"}}},{"node":{"fields":{"slug":"/admin/9-r-Proxy/9-directive-reference","title":"mod_openiam Directive Reference"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/1-powershellconnectorinstallation","title":"Installing PowerShell connectors"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/10-winlocal","title":"WinLocal OpenIAM connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/12-WindowsPasswordFilter","title":"AD Password Filter"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/13-successfactors","title":"SuccessFactors connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/12-dynamics365FO","title":"Dynamics365 Finance&Operations connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/15-powershell-generic","title":"Building a custom PowerShell connector for OpenIAM"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management","title":"Mail management"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig","title":"System configuration"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/14-psgraph","title":"Microsoft Graph PowerShell connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/16-teams","title":"Microsoft Teams connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/2-powershellconnectorsusage","title":"Using PowerShell connectors"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/3-powershellconnectorupdate","title":"Updating PowerShell connectors"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/5-azuread","title":"Entra ID/O365 connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/6-exchange","title":"Exchange connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/7-azuredevops","title":"Azure DevOps connector"}}},{"node":{"fields":{"slug":"/connectorconfig/scriptConnector/connector-request-template","title":"OpenIAM connector request template"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/9-sqlserver","title":"Microsoft SQL Server connector"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/8-dynamics365","title":"Dynamics365 connector"}}},{"node":{"fields":{"slug":"/developerguide/1-custom-css/2-cssexamples","title":"CSS file examples"}}},{"node":{"fields":{"slug":"/developerguide/1-custom-css/1-customcss","title":"Creating custom CSS"}}},{"node":{"fields":{"slug":"/connectorconfig/scriptConnector/GroovyScriptConnector","title":"Configuring Groovy Script connector"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman","title":"Getting started with Postman"}}},{"node":{"fields":{"slug":"/developerguide/2-api/3-java","title":"Getting started with Java"}}},{"node":{"fields":{"slug":"/developerguide/4-sheduledtasks/1-provision-on-date","title":"Provision/Deprovision on date"}}},{"node":{"fields":{"slug":"/developerguide/4-sheduledtasks/2-access-certification-reminder","title":"Notification reminders for approvers"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python","title":"Getting started with Python"}}},{"node":{"fields":{"slug":"/developerguide/5-datamodel/2-rbacmodel","title":"Access control model"}}},{"node":{"fields":{"slug":"/developerguide/5-datamodel/1-usermodel","title":"User data model"}}},{"node":{"fields":{"slug":"/developerguide/8-api/approver-association","title":"/webconsole - approver-association"}}},{"node":{"fields":{"slug":"/developerguide/8-api/access-right","title":"/webconsole - access-right"}}},{"node":{"fields":{"slug":"/developerguide/8-api/audit-log","title":"/webconsole - audit-log"}}},{"node":{"fields":{"slug":"/developerguide/8-api/authentication-grouping","title":"/webconsole - authentication-grouping"}}},{"node":{"fields":{"slug":"/developerguide/8-api/access-certification","title":"/webconsole - access-certification"}}},{"node":{"fields":{"slug":"/developerguide/8-api/batch","title":"/webconsole - batch"}}},{"node":{"fields":{"slug":"/developerguide/8-api/auth-provider","title":"/webconsole - auth-provider"}}},{"node":{"fields":{"slug":"/developerguide/8-api/challenge-response","title":"/webconsole - challenge-response"}}},{"node":{"fields":{"slug":"/developerguide/8-api/connector","title":"/webconsole - connector"}}},{"node":{"fields":{"slug":"/developerguide/8-api/groovy-manager","title":"/webconsole - groovy-manager"}}},{"node":{"fields":{"slug":"/developerguide/8-api/content-provider","title":"/webconsole - content-provider"}}},{"node":{"fields":{"slug":"/developerguide/8-api/email","title":"/webconsole - email"}}},{"node":{"fields":{"slug":"/developerguide/8-api/field","title":"/webconsole - field"}}},{"node":{"fields":{"slug":"/developerguide/8-api/group","title":"/webconsole - group"}}},{"node":{"fields":{"slug":"/developerguide/8-api/it-policy","title":"/webconsole - it-policy"}}},{"node":{"fields":{"slug":"/developerguide/8-api/idp-oauth","title":"/idp - idp-oauth"}}},{"node":{"fields":{"slug":"/developerguide/8-api/elastic-search","title":"/webconsole - elastic-search"}}},{"node":{"fields":{"slug":"/developerguide/8-api/idp-rest","title":"/idp - idp-rest"}}},{"node":{"fields":{"slug":"/developerguide/8-api/managed-system","title":"/webconsole - managed-system"}}},{"node":{"fields":{"slug":"/developerguide/8-api/menu","title":"/webconsole - menu"}}},{"node":{"fields":{"slug":"/developerguide/8-api/metadata","title":"/webconsole - metadata"}}},{"node":{"fields":{"slug":"/developerguide/8-api/oauth","title":"/webconsole - oauth"}}},{"node":{"fields":{"slug":"/developerguide/8-api/organization-type","title":"/webconsole - organization-type"}}},{"node":{"fields":{"slug":"/developerguide/8-api/organization","title":"/webconsole - organization"}}},{"node":{"fields":{"slug":"/developerguide/8-api/page-template","title":"/webconsole - page-template"}}},{"node":{"fields":{"slug":"/developerguide/8-api/property-value","title":"/webconsole - property-value"}}},{"node":{"fields":{"slug":"/developerguide/8-api/policy","title":"/webconsole - policy"}}},{"node":{"fields":{"slug":"/developerguide/8-api/resource-type","title":"/webconsole - resource-type"}}},{"node":{"fields":{"slug":"/developerguide/8-api/report","title":"/webconsole - report"}}},{"node":{"fields":{"slug":"/developerguide/8-api/resource","title":"/webconsole - resource"}}},{"node":{"fields":{"slug":"/developerguide/8-api/sync-config","title":"/webconsole - sync-config"}}},{"node":{"fields":{"slug":"/developerguide/8-api/role","title":"/webconsole - role"}}},{"node":{"fields":{"slug":"/developerguide/8-api/system","title":"/webconsole - system"}}},{"node":{"fields":{"slug":"/developerguide/8-api/sync-rest","title":"/webconsole - sync-rest"}}},{"node":{"fields":{"slug":"/developerguide/8-api/ui-theme","title":"/webconsole - ui-theme"}}},{"node":{"fields":{"slug":"/developerguide/8-api/uri-pattern","title":"/webconsole - uri-pattern"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/1-autoprov","title":"Automated provisioning Scripts"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/2-import","title":"Import from application"}}},{"node":{"fields":{"slug":"/developerguide/8-api/user","title":"/webconsole - user"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/3-importing_groups","title":"Importing groups from application"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/4-relations-with-manager","title":"Populating a manager"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice/1-forgotpassword","title":"Forgot password"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice/3-changepassword","title":"Updating your password"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice/2-updateprofile","title":"Updating user profile"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice/4-outofoffice","title":"Out of office assistant"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice/5-forgotusername","title":"Forgot username"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/2-selfservice/6-updatesecquestions","title":"Updating security questions"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/10-positionchange","title":"Position change request"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/1-servicecatalog","title":"Requesting access via catalog"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/11-accessprofiles","title":"Access profiles"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/2-jobprofile","title":"Requesting access from profile"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/5-approverequest","title":"Approving requests"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/6-requestadministration","title":"Request administration"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/12-bulkupload","title":"Uploading users in bulk"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/7-requesthistory","title":"Requests history"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/8-newgroup","title":"Creating a group request"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/4-createrequest/9-newuser","title":"Creating a new user"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/7-useraccess/1-viewmyaccess","title":"View my access"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/7-useraccess/3-UAR-in-Self-Service","title":"User access review module in SelfService"}}},{"node":{"fields":{"slug":"/getting-started/31-planning-workforce/1-designrole","title":"Designing business roles"}}},{"node":{"fields":{"slug":"/end-user-guide-for-selfservice/7-useraccess/2-directreports","title":"View direct reports"}}},{"node":{"fields":{"slug":"/getting-started/31-planning-workforce/2-openiam-access-role","title":"Designing access roles"}}},{"node":{"fields":{"slug":"/getting-started/31-planning-workforce/3-connector-planning","title":"Connector requirements"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial","title":"Automated provisioning tutorial"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/1-jml","title":"Joiners, movers, leavers processes"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/1-connect","title":"Deploying and registering connectors"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/2-importentitlements","title":"Importing entitlements"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/3-importusers-and-entitlements","title":"Importing users and their entitlement memberships"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/1-singlenode","title":"Single VM Install"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/12-migrating-onpremises-to-cloud","title":"Migrating OpenIAM from on-premises installation to a cloud-based infrastructure"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/11-configuration-options","title":"Configuration options in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/10-ha-rpm","title":"High availability (HA) deployment using RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/2-rproxy","title":"r-Proxy installation in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/4-backup","title":"RPM backup / recovery"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/5-ports","title":"Deployment architecture in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-migrating-non-production-to-production-environment","title":"Migrating non-production to production environment in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/7-remoteDB","title":"Installing OpenIAM with a remote database in RPM environment"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/8-ssl","title":"Configuring HTTPS in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/9-rabbitssl","title":"Enable TLS for RabbitMQ in RPM"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/2-Configuration-options","title":"Configuration options in Docker"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading","title":"Upgrading OpenIAM in RPM"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/1-https","title":"Configuring HTTPS on Docker"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/3-upgrading","title":"Upgrading OpenIAM in Docker environment"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/6-externalDB","title":"Installing OpenIAM with a remote database in Docker"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/5-docker-swarm-backup","title":"Backup / restore in Docker Swarm"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/1-ssl","title":"Configuring HTTPS in Kubernetes"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/11-common-scenario","title":"Installing OpenIAM in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/12-vault-migration-fromRPM-toK8","title":"Migration of Vault from RPM-based cluster to Kubernetes-based OpenIAM cluster"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/10-backup-and-restoration","title":"Backup and restoration procedure in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/3-depl-without-terraform","title":"Deploying OpenIAM on Kubernetes using Helm"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/4-RabbitMQ-TLS","title":"RabbitMQ TLS directory in Kubernetes"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/4-YAML-files","title":"Docker YAML files"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/6-k8platforms","title":"Kubernetes Platforms"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/2-deployment-with-terraform","title":"Deploying OpenIAM with Terraform"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/5-upgrading","title":"Upgrading OpenIAM in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/7-useal-keys-restoration","title":"Backing up and restoring the vault unseal keys in Kubernetes"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation/1-create-cluster","title":"Creating an OpenShift cluster on Azure"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/9-remoteDB","title":"Installing OpenIAM with a remote database in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation/2-connect-to-cluster","title":"Connect to OpenShift cluster on Azure"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation/3-deploy-OpenIAM-helm","title":"Deploy OpenIAM to OpenShift cluster with Helm"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation/4-some-descriptions-helm","title":"Memory requirements for OpenShift deployment with Helm"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation/5-localhost-dev-cluster","title":"Localhost development cluster"}}},{"node":{"fields":{"slug":"/installation/7-OpenShift-installation/6-deploy-from-windows","title":"Deploy OpenIAM to OpenShift cluster with Helm (from Windows)"}}},{"node":{"fields":{"slug":"/installation/8-sizing/1-small-k8","title":"Small Enterprise - K8"}}},{"node":{"fields":{"slug":"/installation/8-sizing/2-medium-k8","title":"Medium Enterprise - K8"}}},{"node":{"fields":{"slug":"/installation/9-miscellaneous/02-hardening","title":"Securing your installation"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/8-AKS_with_ext_MSSQL","title":"Deploying OpenIAM on AKS (Kubernetes) with an external MSSQL database"}}},{"node":{"fields":{"slug":"/installation/9-miscellaneous/01-log4j","title":"Log4j Vulnerability"}}},{"node":{"fields":{"slug":"/installation/9-miscellaneous/03-db-switch","title":"Change OpenIAM product database"}}},{"node":{"fields":{"slug":"/installation/9-miscellaneous/04-compatibility","title":"Compatibility matrix"}}},{"node":{"fields":{"slug":"/installation/9-miscellaneous/05-postgres-install","title":"Installing PostgreSQL 15"}}},{"node":{"fields":{"slug":"/installation/9-data_migration/1-migrating_ES_Docker","title":"Verifying and migrating Elasticsearch data in Docker-based OpenIAM cluster"}}},{"node":{"fields":{"slug":"/installation/99-miscellaneous/04-compatibility","title":"Compatibility Matrix"}}},{"node":{"fields":{"slug":"/troubleshooting/docker/1-connectorlogs","title":"View container logs"}}},{"node":{"fields":{"slug":"/troubleshooting/docker/3-uninstall","title":"Remove an OpenIAM Docker Install"}}},{"node":{"fields":{"slug":"/troubleshooting/docker/2-containersrestart","title":"Containers Restarting"}}},{"node":{"fields":{"slug":"/troubleshooting/docker/4-troubleshooting-steps","title":"Troubleshooting steps in a container-based cluster"}}},{"node":{"fields":{"slug":"/troubleshooting/environment/disableswap","title":"Disable swap"}}},{"node":{"fields":{"slug":"/troubleshooting/environment/memoryutili","title":"Check memory utilization"}}},{"node":{"fields":{"slug":"/troubleshooting/environment/redismemory","title":"Redis memory utilization"}}},{"node":{"fields":{"slug":"/troubleshooting/docker/5-log-checking-guide","title":"Docker log checking guide"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/access-after-migration","title":"Access problem after migrating OpenIAM"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/activationlink","title":"Error when sending activation link"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/audit-doc-timestamp","title":"Audit document timestamp issue"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/access-forbidden","title":"Access Forbidden error"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/auth-manager","title":"Backend exception error when running authentication manager"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/JDBC-connection-pool","title":"Increasing the JDBC connection pool size"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/database-reset","title":"Database reset"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/elasticsearch-readonly-state","title":"Elasticsearch read-only state"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/flyway_version","title":"Flyway version issue"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/increasing-RAM","title":"Increasing memory for OpenIAM services"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/modifly_system_labels_and_messages","title":"Changing system labels and messages"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/lackof_disk_space","title":"Running out of disk space"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/debug-logs-CassandraJanusGraph","title":"Enabling and disabling debug logs for Cassandra and JanusGraph"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/overriding-app-properties","title":"Overriding UI application properties"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/my-application-page-selfservice","title":"Changing refresh time for My Applications page in SelfService"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/pad-block-corrupted","title":"PAD Block Corrupted"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/remove-navigation-bar","title":"Removing menu items from top navigation bar"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/report-generation-issue","title":"Error during report generating in RPM installations"}}},{"node":{"fields":{"slug":"/troubleshooting/rpm/failed-dependencies","title":"Failed dependencies"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/run_flyway_repair_mode","title":"Run Flyway in repair mode"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/resetting_passwords","title":"Resetting passwords"}}},{"node":{"fields":{"slug":"/troubleshooting/rpm/trobleshooting_guide","title":"Troubleshooting guide for RPM"}}},{"node":{"fields":{"slug":"/troubleshooting/connectors/sync-vs-async-source","title":"Synchronous vs. asynchronous synchronization source for connectors"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/username_in_selfservice","title":"Username not shown in SelfService"}}},{"node":{"fields":{"slug":"/troubleshooting/cluster/1-rabbitmq-reinit","title":"RabbitMQ cluster went out of order"}}},{"node":{"fields":{"slug":"/troubleshooting/operational/unlocksysadmin","title":"Unlock sysadmin"}}},{"node":{"fields":{"slug":"/troubleshooting/cluster/2-rabbitmq-UI","title":"RabbitMQ is not reached from UI in RPM installations"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/4-pageconfiguration/1-userpage","title":"Configuring user page templates"}}},{"node":{"fields":{"slug":"/troubleshooting/cluster/3-Rabbitmq-connection-timeout","title":"RabbitMQ connection timeout issue"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/4-pageconfiguration/4-customtemplates","title":"Custom form templates"}}},{"node":{"fields":{"slug":"/admin/1-usradmin/4-pageconfiguration/2-customuserpage","title":"Creating more custom user edit pages"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/1-system","title":"System tab"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/3-UI","title":"UI tab"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/2-regex-validation","title":"Validation regular expressions"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/4-workflow","title":"Workflow tab"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/5-organization-tab","title":"Organization tab"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/6-password","title":"Password tab"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/7-authentication","title":"Authentication tab"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/8-auditeventstosyslog","title":"Exporting audit events to syslogs"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management/1-emailtemplates","title":"Email templates"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management/3-multilanguagemail","title":"Multilanguage emails"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management/2-smtpconfig","title":"Mailbox Configuration"}}},{"node":{"fields":{"slug":"/admin/12-administration/1-sysconfig/9-health-checks","title":"Configuring health checks for managed systems"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management/4-mail-via-azure","title":"Mailbox configuration via Azure application"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management/5-alert-notifications","title":"Configuring alert notifications"}}},{"node":{"fields":{"slug":"/admin/12-administration/2-mail-management/6-email-template-variables","title":"Email template variables reference"}}},{"node":{"fields":{"slug":"/admin/2-authentication/8-social/1-googlesociallogin","title":"Google Social Login"}}},{"node":{"fields":{"slug":"/admin/2-authentication/8-social/2-facebooksociallogin","title":"Facebook Social Login"}}},{"node":{"fields":{"slug":"/admin/2-authentication/8-social/3-linkedinsociallogin","title":"LinkedIn Social Login"}}},{"node":{"fields":{"slug":"/admin/2-authentication/8-social/4-appleidsociallogin","title":"AppleID Social Login"}}},{"node":{"fields":{"slug":"/admin/3-authz/14-menus/2-adminaccess","title":"Admin access role"}}},{"node":{"fields":{"slug":"/admin/3-authz/14-menus/3-FAQ","title":"FAQs about menus and their use"}}},{"node":{"fields":{"slug":"/admin/3-authz/14-menus/1-enduseraccess","title":"End-user access roles"}}},{"node":{"fields":{"slug":"/admin/3-authz/14-menus/4-Config-Lhand-menu-SS-MyInfo","title":"Configurable left-hand menu in SelfService 'My Info' page"}}},{"node":{"fields":{"slug":"/admin/3-authz/2-roles/1-role-types","title":"Types of roles existing in OpenIAM"}}},{"node":{"fields":{"slug":"/admin/3-authz/2-roles/2-createrole","title":"Create role"}}},{"node":{"fields":{"slug":"/admin/3-authz/2-roles/3-findrole","title":"Finding an existing role"}}},{"node":{"fields":{"slug":"/admin/3-authz/3-groups/1-create-group","title":"Creating a group"}}},{"node":{"fields":{"slug":"/admin/4-app-onboarding/2-Manual-applications/1-reg-applications","title":"Register applications"}}},{"node":{"fields":{"slug":"/admin/3-authz/2-roles/5-importingroles","title":"Importing roles"}}},{"node":{"fields":{"slug":"/admin/5-lifecycle/11-provisioning-config/1-prepost-processor","title":"Pre/PostProcessor"}}},{"node":{"fields":{"slug":"/admin/8-sso/1-saml/1-jit-provisioning","title":"Just-in-time Provisioning"}}},{"node":{"fields":{"slug":"/admin/8-sso/2-oauth2/1-Auth-code-grand","title":"Authorization code grant type"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/10-winlocal/2-winlocalv5","title":"Version 5"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/10-winlocal/1-winlocalv4","title":"Version 4"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman/1-createauthprovider","title":"Create OpenIAM Provider for Postman"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman/2-postmanconfig","title":"Create Postman collection"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman/4-JWT-tokens","title":"Getting started with JWT tokens in Postman"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman/3-add-request","title":"Define an API request in Postman"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman/5-postman-links","title":"Postman API documentation links"}}},{"node":{"fields":{"slug":"/developerguide/2-api/1-postman/6-example","title":"Client credentials flow with a defined scope in Postman"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python/2-grantinguathz","title":"Granting authorization to the API with Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python/3-api-call-examples","title":"API calls examples in Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python/5-object-oriented-impl-example","title":"Object oriented implementation for REST API in Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python/4-enabling-disabling-user","title":"Enabling/Disabling a user with API calls examples in Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python/6-OTP-verification","title":"OTP Verification in Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/2-python/1-createauthprovider","title":"Create OpenIAM oAuth provider in Python"}}},{"node":{"fields":{"slug":"/developerguide/2-api/3-java/1-createauthprovider","title":"Create OpenIAM Provider"}}},{"node":{"fields":{"slug":"/developerguide/2-api/3-java/2-grantauthz","title":"Granting authorization to the API with Java"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/1-autoprov/1-newhires","title":"New hires"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/2-import/3-azuread","title":"Entra ID"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/2-import/6-importroles","title":"Import Roles"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial/1-provisioningCSV","title":"Creating a synchronization configuration for the source"}}},{"node":{"fields":{"slug":"/developerguide/2-api/3-java/3-creating-searching-users","title":"Creating and searching a user with API call in Java"}}},{"node":{"fields":{"slug":"/developerguide/2-api/3-java/4-calls-examples","title":"API calls examples in Java"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial/2-policymap","title":"Policy map"}}},{"node":{"fields":{"slug":"/developerguide/2-api/3-java/5-enabling-disabling-users","title":"Enabling/Disabling a user with API calls examples in Java"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial/4-birthright","title":"New hire"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial/5-transfer","title":"Transfer"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial/3-creatingrole","title":"Creating role"}}},{"node":{"fields":{"slug":"/getting-started/6-automatedprovisioning/2-tutorial/6-termination","title":"Terminations"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/1-connect/2-rpm","title":"Connectors via RPM"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/1-connect/3-docker","title":" Connectors via Docker"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/1-connect/4-k8","title":" Connectors via Kubernetes"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/2-importentitlements/2-transformationscripts","title":"Transformation scripts"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/2-importentitlements/3-troubleshooting","title":"Troubleshooting"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/3-importusers-and-entitlements/1-config-synch","title":"Configuring synchronization for importing users and their entitlement memberships"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/3-importusers-and-entitlements/2-transformationscripts","title":"Transformation scripts"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/3-importusers-and-entitlements/3-common-questions","title":"Common questions"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/1-singlenode/1-rpm-with-internet","title":"Installation with Internet access"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/1-singlenode/2-rpm-no-internet","title":"Installation without Internet access"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/1-singlenode/3-nonroot-partition","title":"Installing OpenIAM on a non-root partition"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/5-ports/1-one-node","title":"Single node deployment"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/2-importentitlements/1-configuring-synch","title":"Configuring synchronization for importing entitlements"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/5-ports/2-three-node","title":"Three node cluster"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/1-databasemigration","title":"Database migration from version 3.X to 4.X"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/10-upgrading-2026-4-2","title":"Upgrading OpenIAM to v.2026.4.2 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/3-upgradingto-42111","title":"Upgrading from versions 4.2.1.9-4.2.1.10 to version 4.2.1.11 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/2-upgradingto-42110","title":"Upgrading from version 4.2.1.5-4.2-4.2.1.8 to version 4.2.1.10 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/4-migrating-index-data","title":"Migration of index data from older ElasticSearch versions to newer one"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/4-upgradingto-42112","title":"Upgrading from versions 4.2.1.x to version 4.2.1.12 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/5-infrastructure_upgrade","title":"Infrastructure upgrade"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/5-upgradingto-42115","title":"Upgrading from versions 4.2.1.x to version 4.2.1.15 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/6-infra-upgrade-42113","title":"Infrastructure upgrade in v4.2.1.13"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/8-upgrade2026.5.2","title":"Upgrading notes for v.2026.5.2 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/7-upgradingto-422","title":"Upgrading OpenIAM from versions 4.2.1.x to 4.2.2 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/8-upgrading-2026-2-1","title":"Upgrading OpenIAM to v.2026.2.1 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/8-upgrading-2026-3-1","title":"Upgrading OpenIAM to v.2026.3.1 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/8-upgrading-2026-3-2","title":"Upgrading OpenIAM to v.2026.3.2 in RPM"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/6-upgrading/9-422-changes","title":"Known issues related to upgrading from 4.2.1.x to 2026.4.1 version"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/7-remoteDB/1-oracle","title":"Installing OpenIAM with a remote Oracle database in RPM environment"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/7-remoteDB/2-postgres","title":"Installing OpenIAM with a remote Postgres database in RPM environment"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/3-upgrading/1-upgrade-4219","title":"Upgrade from version 4.2.1.5-4.2.1.8 to version 4.2.1.10 in Docker"}}},{"node":{"fields":{"slug":"/installation/1-rpm-installation/7-remoteDB/3-MSSQL","title":"Installing OpenIAM with a remote MSSQL database in RPM environment"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/3-upgrading/2-upgrade-42110","title":"Upgrade from version 4.2.1.9 to version 4.2.1.10 in Docker"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/3-upgrading/4-upgrade-42115","title":"Upgrade from version 4.2.1.x to version 4.2.1.15 in Docker"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/5-upgrading/3-upgrade-42113k8-rabbitmq","title":"Upgrading from version below 4.2.1.8 to version 4.2.1.13 in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/5-upgrading/4-upgrade-42115k8","title":"Upgrading from versions 4.2.1.x to version 4.2.1.15 in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/2-docker-installation/3-upgrading/3-upgrade-42111","title":"Upgrade from version 4.2.1.10 to version 4.2.1.11 in Docker"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/5-upgrading/5-upgrade-42112k8","title":"Upgrading from version 4.2.1.x to version 4.2.1.12 in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/5-upgrading/7-upg-notes20206.5.2","title":"Upgrading notes for v.2026.5.2 in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/5-upgrading/6-upgrade-422k8","title":"Upgrading from version 4.2.1.x to version 4.2.2 in Kubernetes environment"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/6-k8platforms/2-aws","title":"AWS Kubernetes guide"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/6-k8platforms/3-helm","title":"Private Kubernetes Cluster using Helm"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/6-k8platforms/4-azure","title":"Azure Kubernetes Guide"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/2-import/ldap/1-ldapvalidation","title":"Synchronization Validation Script"}}},{"node":{"fields":{"slug":"/installation/6-kubernetes-installation/6-k8platforms/1-gce","title":"GCE Kubernetes guide"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/2-import/ldap/2-ldapsynchusers","title":"LDAP User Synchronization Script"}}},{"node":{"fields":{"slug":"/developerguide/9-synchronization/2-import/ldap/3-ldapattributeslists","title":"LDAP Attribute list for User Synchronization"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/2-importentitlements/2-transformationscripts/1-ADgroup-transformation","title":"Sample transformation script for AD groups"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/3-importusers-and-entitlements/2-transformationscripts/3-ADtransformation-usergroup","title":"Sample transformation script for AD users and group memberships"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/2-importentitlements/2-transformationscripts/2-csv-transformation","title":"Sample transformation script for a CSV file"}}},{"node":{"fields":{"slug":"/getting-started/4-application-onboarding/3-importusers-and-entitlements/2-transformationscripts/4-csv-users-entitlements","title":"Sample transformation script for a CSV file"}}},{"node":{"fields":{"slug":"/changelog/21-Release-4.2.2","title":"Release 4.2.2"}}},{"node":{"fields":{"slug":"/connectorconfig/microsoft/4-adpowershell","title":"Active Directory PowerShell connector"}}},{"node":{"fields":{"slug":"/appendix/5-message_en_file","title":"Message properties"}}}]}},"pageContext":{"id":"fe176884-a599-57ea-9aab-60c740abb3ee"}}, "staticQueryHashes": ["2619113677","3706406642","417421954"]}