ADP connector
ADP connector is used to connect to ADP human resources information systems (HRIS). Here, users can integrate with the system and synchronize users and their status.
To connect to APD HRIS OpenIAM has a default managed system called ADP Managed System, which can be used to establish connection. Follow the steps below to configure the Managed system and integrate the connector.
Configuring Managed system
- Log in to webconsole and go to Provisioning > Managed system. Find ADP Managed system and click Edit.
- Fill the field in Managed system configuration page. Key fields are described in a table below.
| Field | Description | 
|---|---|
| Token endpoint | It is a URL of the ADP instance. OpenIAM can hit different endpoints to get users. For example, users may have an instance URL and other endpoints to get tokens or users. Hence, the following API paths used with ADP connector: 
 | 
| Client ID | The value is copied from ADP HRIS system. Please, visit the ADP documentation center to find out where to find this value. | 
| Client Secret | The value is copied from ADP HRIS system. Please, visit the ADP documentation center to find out where to find this value. | 
| SSL cert | The value in this field stands for a path to the SSL certificate. It must be on the same server where ADP connector is run. | 
| Key password | The password becomes known after ADP administrator generates the SSL certificate to connect to the instance. | 
| Store password | The password becomes known after ADP administrator generates the SSL certificate to connect to the instance. | 
- Click Save.
Synchronization
ADP connector works exclusively with two operations - test connection and synchronize users (search operation for users). Hence, the only thing the connector can do is to search and synchronize users from the ADP target system.
To perform synchronization, OpenIAM has a default synchronization configuration named ADP User Example. Below, there are steps for configuring synchronization with ADP managed system.
- Login to webconsole and go to Provisioning > Synchronization.
- Find ADP User Exampleconfiguration and click Edit. The configuration page fields are pre-filled to synchronize Employee ID and Worker ID. It also has a pre-selected transformation script to transform an ADP record in OpenIAM record. The script has a broad functionality to transform all the user data stored in HR system (names, surnames, telephone numbers, emails, etc.) as well as user status.
As per transformation script, ADP connector can fetch the following fields:
"associateOID""workerId""firstName""middleName""lastName""displayName""email""mobile""mobileCountryCode""mobileAreaCode""mobilePhoneNumber""mobileIsForNotification""mobileExtension""telephone""telephoneCountryCode""telephoneAreaCode""telephonePhoneNumber""telephoneIsForNotification""telephoneExtension""fax""faxCountryCode""faxAreaCode""faxPhoneNumber""faxIsForNotification""faxExtension""organization""department""supervisor""payrollGroupCode""payrollFileNumber""link""title""status""startDate""lastDate""legalAddress""legalStreetAddress1""legalStreetAddress2""legalStreetAddress3""legalStreetAddress4""legalStreetAddress5""legalCity""legalPostalCode""legalState""legalCountryCode""gender""assignmentStatus""assignmentTermCode""workLevelCode""managementPositionIndicator""wageLawCoverage""assignedWorkLocations""remunerationBasisCode""payCycleCode""baseRemuneration""baseRemunerationAmount""baseRemunerationCurrency""maritalStatusCode""otherPersonalAddresses""otherPersonalStreetAddress1""otherPersonalStreetAddress2""otherPersonalStreetAddress3""otherPersonalStreetAddress4""otherPersonalStreetAddress5""otherPersonalCity""otherPersonalPostalCode""otherPersonalState""otherPersonalCountryCode""personalEmail""personalLandLines""personalLandLinesCountryCode""personalLandLinesAreaCode""personalLandLinesPhoneNumber""personalLandLinesIsForNotification""personalLandLinesExtension""personalMobile""personalMobileCountryCode""personalMobileAreaCode""personalMobilePhoneNumber""personalMobileIsForNotification""personalMobileExtension"`
- To synchronize users, you will need to insert query: - *to get all users.
- *statuses: ACTIVE, LEAVE, etc. to get users based on their status. Here,- ADP STATUS FIlTERwill be applied- ("workers/workerStatus/statusCode/codeValue eq '%s'");.
- If a query will start from /, it searches for a single user and/hr/v2/workers%sfilter will be applied.
- You can build a query using an &sign.
 
- OpenIAM asks an authorization token. This token has its own lifecycle and when the token gets expired, OpenIAM asks for a new token. This is because OpenIAM's IDM service tests connection with application every minute. Hence, to avoid overloading of ADP service, the approach of receiving token and considering connection live until it gets expired is used. For example, in case token's lifecycle ends within 30 minutes, on minute 29 OpenIAM will ask for the new one.