Powered by Algolia

    ADP connector

    ADP connector is used to connect to ADP human resources information systems (HRIS). Here, users can integrate with the system and synchronize users and their status.

    To connect to APD HRIS OpenIAM has a default managed system called ADP Managed System, which can be used to establish connection. Follow the steps below to configure the Managed system and integrate the connector.

    Configuring Managed system

    1. Log in to webconsole and go to Provisioning > Managed system. Find ADP Managed system and click Edit.
    2. Fill the field in Managed system configuration page. Key fields are described in a table below.
    FieldDescription
    Token endpointIt is a URL of the ADP instance. OpenIAM can hit different endpoints to get users. For example, users may have an instance URL and other endpoints to get tokens or users. Hence, the following API paths used with ADP connector:
    • API to get TOKEN(HttpMethod.POST,"/auth/oauth/v2/token").
    • API to get USERS(HttpMethod.GET, "/hr/v2/workers").
    • API to get one USER(HttpMethod.GET, "/hr/v2/workers%s").
    Client IDThe value is copied from ADP HRIS system. Please, visit the ADP documentation center to find out where to find this value.
    Client SecretThe value is copied from ADP HRIS system. Please, visit the ADP documentation center to find out where to find this value.
    SSL certThe value in this field stands for a path to the SSL certificate. It must be on the same server where ADP connector is run.
    Key passwordThe password becomes known after ADP administrator generates the SSL certificate to connect to the instance.
    Store passwordThe password becomes known after ADP administrator generates the SSL certificate to connect to the instance.
    1. Click Save.

    Synchronization

    ADP connector works exclusively with two operations - test connection and synchronize users (search operation for users). Hence, the only thing the connector can do is to search and synchronize users from the ADP target system.

    To perform synchronization, OpenIAM has a default synchronization configuration named ADP User Example. Below, there are steps for configuring synchronization with ADP managed system.

    1. Login to webconsole and go to Provisioning > Synchronization.
    2. Find ADP User Example configuration and click Edit. The configuration page fields are pre-filled to synchronize Employee ID and Worker ID. It also has a pre-selected transformation script to transform an ADP record in OpenIAM record. The script has a broad functionality to transform all the user data stored in HR system (names, surnames, telephone numbers, emails, etc.) as well as user status.

    As per transformation script, ADP connector can fetch the following fields:

    "associateOID"
    "workerId"
    "firstName"
    "middleName"
    "lastName"
    "displayName"
    "email"
    "mobile"
    "mobileCountryCode"
    "mobileAreaCode"
    "mobilePhoneNumber"
    "mobileIsForNotification"
    "mobileExtension"
    "telephone"
    "telephoneCountryCode"
    "telephoneAreaCode"
    "telephonePhoneNumber"
    "telephoneIsForNotification"
    "telephoneExtension"
    "fax"
    "faxCountryCode"
    "faxAreaCode"
    "faxPhoneNumber"
    "faxIsForNotification"
    "faxExtension"
    "organization"
    "department"
    "supervisor"
    "payrollGroupCode"
    "payrollFileNumber"
    "link"
    "title"
    "status"
    "startDate"
    "lastDate"
    "legalAddress"
    "legalStreetAddress1"
    "legalStreetAddress2"
    "legalStreetAddress3"
    "legalStreetAddress4"
    "legalStreetAddress5"
    "legalCity"
    "legalPostalCode"
    "legalState"
    "legalCountryCode"
    "gender"
    "assignmentStatus"
    "assignmentTermCode"
    "workLevelCode"
    "managementPositionIndicator"
    "wageLawCoverage"
    "assignedWorkLocations"
    "remunerationBasisCode"
    "payCycleCode"
    "baseRemuneration"
    "baseRemunerationAmount"
    "baseRemunerationCurrency"
    "maritalStatusCode"
    "otherPersonalAddresses"
    "otherPersonalStreetAddress1"
    "otherPersonalStreetAddress2"
    "otherPersonalStreetAddress3"
    "otherPersonalStreetAddress4"
    "otherPersonalStreetAddress5"
    "otherPersonalCity"
    "otherPersonalPostalCode"
    "otherPersonalState"
    "otherPersonalCountryCode"
    "personalEmail"
    "personalLandLines"
    "personalLandLinesCountryCode"
    "personalLandLinesAreaCode"
    "personalLandLinesPhoneNumber"
    "personalLandLinesIsForNotification"
    "personalLandLinesExtension"
    "personalMobile"
    "personalMobileCountryCode"
    "personalMobileAreaCode"
    "personalMobilePhoneNumber"
    "personalMobileIsForNotification"
    "personalMobileExtension"`

    1. To synchronize users, you will need to insert query:

      • * to get all users.
      • *statuses: ACTIVE, LEAVE, etc. to get users based on their status. Here, ADP STATUS FIlTER will be applied ("workers/workerStatus/statusCode/codeValue eq '%s'");.
      • If a query will start from /, it searches for a single user and /hr/v2/workers%s filter will be applied.
      • You can build a query using an & sign.

    2. OpenIAM asks an authorization token. This token has its own lifecycle and when the token gets expired, OpenIAM asks for a new token. This is because OpenIAM's IDM service tests connection with application every minute. Hence, to avoid overloading of ADP service, the approach of receiving token and considering connection live until it gets expired is used. For example, in case token's lifecycle ends within 30 minutes, on minute 29 OpenIAM will ask for the new one.

    Previous
    LDAP connector
    Next
    AWS connector