IdM Connectors
All interactions with your target applications are performed using connectors in OpenIAM. These operations include:
- Provisioning and de-provisioning
- Password reset
- Data imports
- Reconciliation
Connectors are services which are able to:
- Receive messages from the message bus which have been sent from other services in OpenIAM.
- Convert data received through the bus into something which the target application can understand.
- Perform operations on the target application such as connect, create, update, etc.
- Send the result (success, failure, error messages) of the operation back to the core OpenIAM service via the message bus.
While there is consistency in the connector interface and with how the connectors are deployed, there are differences in how they are configured and how they interact with each application. This is largely driven by the integration and functional requirements of the target application. Most connectors can be used to both synchronize (import) data as well as for provisioning and deprovisioning. Unless indicated in the table below, all connectors support the ability to:
- Import information
- Perform CRUD operations
- Manage the addition/removal of entitlement information on a user
- Reset passwords
Before you can do anything with a connector, the following two pre-requisites must be performed. Details for each can be found in their respective sections.
| Operation | Description |
|---|---|
| Deploy and start the connector | OpenIAM provides a collection of connectors and your deployment will most likely utilize a subset of these. In order to use a connector, we must:
|
| Connect to your application | Once a connector has been registered, we can establish a connection with the corresponding application or SaaS solution. |
Connector specific documentation
This tables below list the connectors by category.
Common infrastructure connectors
The connectors listed below provide integration with an enterprise infrastructure or can be used across several applications.
| Integration Type | Description |
|---|---|
| LDAP | Integrates with directories that support the LDAP protocol such as OpenLDAP, eDirectory, OpenDJ, and Active Directory |
| Linux | Integrates with multiple Linux OS including RHEL, CentOS and Ubuntu |
| SCIM | This connector provides integration with applications which support the SCIM standard |
| Database | Integrates with database tables using JDBC |
| CSV | Provides the ability to import data for various objects using a CSV file format. This is a read-only connector. |
| Git Enterprise | Connector provides the ability to manage users and their entitlements within Git Enterprise |
| Red Hat IPA | This connector provides integration with Redhat IPA and provides the ability to manage a Redhat Linux infrastructure |
| Script | Allows for the creation of a new connector using scripting. This model is often faster than creating a full connector. |
| Source Adapter | Connector acts as an SFTP/HTTPS server which can receive files from an authorized source to trigger provisioning/de-provisioning |
Microsoft Applications
The connectors for Microsoft applications differ from most other connectors in the OpenIAM stack because they are implemented using .NET and Powershell. These technologies require a Windows Server host and are described in the Microsoft section.
| Application Name | Description |
|---|---|
| Active Directory (Powershell) | Connector enables the management of users and groups in Active Directory |
| Azure AD | Connector enables the management of users across a variety of resources in Azure AD |
| Dynamics365 | Connector enables the management of users and related permissions in Dynamics365 |
| Azure DevOps | Read-only connector which imports user access across a variety of resources found in Azure DevOps |
| Exchange | Connector provides the ability to manage mail-boxes and related permissions in Exchange |
| SQL Server | Connector provides the ability to manage user access at both the SQL Server and Database levels |
| Windows Local | Provides the ability to manage users and their access in Local servers |
ERP Applications
| Application Name | Description |
|---|---|
| ADP | Read-only connector which imports employees and their information from ADP |
| Kronos | Read-only connector which imports employees and their information form Kronos |
| Oracle EBS | Read-only connector which can import user responsibilities from Oracle EBS |
| SAP | Integrates with SAP Hana S/3 |
| Workday | Read-only connector which imports employees and their level of access in Workday |
SaaS Applications
| Application Name | Description |
|---|---|
| Boomi | Read-only connector which provides the ability to import users and their entitlements from Boomi |
| Freshdesk | Connector provides the ability to manage users and their entitlements within Freshdesk |
| Freshservice | Connector provides the ability to manage users and their entitlements within Freshservice |
| GSuite | Connector provides the ability to manage users and their entitlements within Gsuite |
| Lastpass | Read-only connector which provides the ability to import users and their entitlements from Lastpass |
| Salesforce.com | Connector provides the ability to manage users and their entitlements within Salesforce.com |
| Tableau | Connector provides the ability to manage users and their entitlements within Tableau |
Cloud providers
| Provider Name | Description |
|---|---|
| AWS | Connector provides the ability to manage users and their access to a variety of resources within the AWS Cloud environment |
| Azure Cloud | Connector provides the ability to manage users and their access to a variety of resources within the AWS Cloud environment |