IdM Connectors

All interactions with your target applications such as Provisioning and de-provisioning, importing data and reconciliation are performed through "connectors" in OpenIAM. Connectors are services which are able to:

  • Receive messages from the message bus which have been sent from other services in OpenIAM.
  • Convert data received through the bus into something which the target application can understand.
  • Perfom operations on the target application based on the operation (connect, create, update, etc.)
  • Send the result (success, failure, error messages) of the operation back to the core OpenIAM service via the message bus.

Connector model

While there is consistency in the connector interface and how the connectors are deployed, there are differences in how they interact with each application and how they are configured. This is largely driven by the needs of the target application. Most connectors can be used to both synchronize (import) data as well as for provisioning and deprovision. Unless indicated in the table below, all connectors support the ability to:

  • Import information
  • Perform CRUD operations
  • Manage the addition / removal entitlement information on a user
  • Reset passwords

Starting a connector

OpenIAM provides a growing collection of connectors and your deployment will like utilize a subset of these connectors. In order to use a connector, we must:

  • Deploy the connector
  • Start the connector
  • Register the connector

Use the details provided in the Connector registration section.

Connecting to your application

Once a connector has been registered, we can establish a connection with application or SaaS solution. This is done by defining a managed system configuration.

Connectors

This tables belows list the connectors by categories.

Common / infrastructure connectors

The connectors listed below are provide integration with either enterprise infrastructure or can be used to across several applications.

Integration TypeDescription
LDAPIntegrates with directory which support the LDAP protocol such as OpenLDAP, eDirectory, OpenDJ, and Active Directory
LinuxIntegrates with multiple Linux OS including: RHEL, CentOS and Ubuntu
SCIMThis connector provides integration with applications which support the SCIM standard
DatabaseIntegrates with the database tables using JDBC
CSVProvides the ability to import data for various objects using a CSV file format. This is a read-only connector.
Git EnterpriseConnector provides the ability to manage users and their entitlements within Git Enterprise
Red hat IPAThis connector provides integration with Redhat IPA and provides the ability to manage a Redhat Linux infrastructure
ScriptThe script connector allows for the creation of a new connector using scripting. This model is often faster than creating a full connector.
Source AdapterConnector acts as an SFTP / HTTPS server which can receive files from an authorized source to trigger provisioning/deprovisioning

Microsoft Applications

The connectors for applications provided by Microsoft are differ from most other connectors in the OpenIAM stack because they are implemented using .NET and Powershell. The technologies requires a Windows Server host and are described in the Microsoft section.

Application NameDescription
Active Directory (Powershell)Connector enables the management of users and groups in Active Directory
Azure ADConnector enables the management of users across a variety of resources in Azure AD
Dynamics365Connector enables the management of users and related permissions in Dynamics365
Azure DevOpsRead-only connector which imports user and the access across a variety of resources found in Azure DevOps
ExchangeConnector provides the ability manage mail-boxes and related permissions in Exchange
SQL ServerConnector provides the ability to manage user access at both the SQL Server and Database levels.
Windows LocalProvides the ability to manage users and their access in Local servers

ERP Applications

Application NameDescription
ADPRead-only connector which imports employees and their information from ADP
KronosRead-only connector which import employees and their information form Kronos
Oracle EBSRead-only connector which can import user and responsibilities from Oracle EBS
SAPIntegrates with SAP Hana S/3
WorkdayRead-only connector which import employees and their level of access in Workday

SaaS Applications

Application NameDescription
BoomiRead-only connector which provides the ability to import users and their entitlements from Boomi
FreshdeskConnector provides the ability to manage users and their entitlements within Freshdesk
FreshserviceConnector provides the ability to manage users and their entitlements within Freshservice
GSuiteConnector provides the ability to manage users and their entitlements within Gsuite
LastpassRead-only connector which provides the ability to import users and their entitlements from Lastpass
Salesforce.comConnector provides the ability to manage users and their entitlements within Salesforce.com
TableauConnector provides the ability to manage users and their entitlements within Tableau.

Cloud providers

Provider NameDescription
AWSConnector provides the ability to manage users and their access to a variety of resources within the AWS Cloud environment
Azure CloudConnector provides the ability to manage users and their access to a variety of resources within the AWS Cloud environment