Identity Cloud

Connector reference

Installation and configuration reference for the connectors that are supported with ForgeRock® Identity Cloud software. This reference includes installation and configuration instructions for each connector, and examples that demonstrate how to use the connectors in a deployment.

Connectors let you connect to external resources such as LDAP, Active Directory, flat files, and others. This guide describes all the connectors supported with Identity Cloud, and how to configure them.

Configurations shown in this guide are simplified to show essential aspects. Not all resources support all Identity Cloud operations; however, the resources shown here support most of the CRUD operations, reconciliation, and liveSync.

Resources are external systems, databases, directory servers, and other sources of identity data, that are managed and audited by Identity Cloud. To connect to resources, Identity Cloud loads the ForgeRock Open Identity Connector Framework (ICF). ICF avoids the need to install agents to access resources, instead using the resources' native protocols. For example, ICF connects to database resources using the database’s Java connection libraries or JDBC driver, to directory servers over LDAP, and to UNIX systems over ssh.

Identity Cloud built-in connectors

Identity Cloud provides these built-in connectors, for synchronization with the respective data stores.

Adobe Marketing Cloud Connector

The Adobe Marketing Cloud connector lets you manage profiles in an Adobe Campaign data store.

Marketo Connector

The Marketo connector lets you synchronize between Identity Cloud user identities and a Marketo Lead Database.

MS Graph API Connector

The Microsoft Graph API connector lets you manage users and groups in a Microsoft Azure tenant, and lets you synchronize users and groups between Identity Cloud and Azure.

Salesforce Connector

The Salesforce connector enables provisioning, reconciliation, and synchronization between Salesforce and the Identity Cloud repository.

ServiceNow Connector

The ServiceNow connector lets you manage objects in the ServiceNow platform, integrating with ServiceNow’s REST API.

SuccessFactors Connector

The SAP SuccessFactors connector lets you synchronize user accounts between Identity Cloud and the SAP SuccessFactors HR system.

Workday Connector

The Workday connector lets you synchronize user accounts between Identity Cloud and Workday’s cloud-based HR system.

Remote Connector Server (RCS) connectors

The remote connectors are used for synchronization with data stores on premises, in a private cloud, or in a public cloud. Remote connectors are available as:

RCS bundled connectors

Remote connectors that are bundled with the ForgeRock remote connector server (RCS).

Additional connectors

Connectors that are available for download from the ForgeRock Download Center.

RCS bundled connectors

ForgeRock provides a number of connectors that are bundled with RCS.

CSV File Connector

The CSV file connector is useful when importing users, either for initial provisioning or for ongoing updates. When used continuously in production, a CSV file serves as a change log, often containing only user records that have changed.

Database Table Connector

The Database Table connector enables provisioning to a single table in a JDBC database.

Groovy Connector

The Groovy Connector Toolkit lets you run a Groovy script for any ICF operation, such as search, update, create, and others, on any external resource.

Kerberos Connector

The Kerberos connector is an implementation of the SSH connector, and is based on Java Secure Channel (JSch) and the Java implementation of the Expect library (Expect4j). This connector lets you manage Kerberos user principals from Identity Cloud.

LDAP Connector

The LDAP connector is based on JNDI, and can be used to connect to any LDAPv3-compliant directory server, such as ForgeRock Directory Services (DS), Active Directory, SunDS, Oracle Directory Server Enterprise Edition, IBM Security Directory Server, and OpenLDAP.

SCIM Connector

The SCIM connector is based on the Simple Cloud Identity Management (SCIM) protocol, and lets you manage user and group accounts on any SCIM-compliant resource provider, such as Slack, Facebook, or SalesForce.

Scripted REST Connector

The Scripted REST connector is an implementation of the Scripted Groovy Connector. This connector lets you interact with any REST API, using Groovy scripts for the ICF operations.

Scripted SQL Connector

The Scripted SQL connector is an implementation of the Scripted Groovy Connector. This connector lets you interact with any SQL database, using Groovy scripts for the ICF operations.

SSH Connector

The SSH connector is an implementation of the Scripted Groovy Connector, and is based on Java Secure Channel (JSch) and the Java implementation of the Expect library (Expect4j). This connector lets you interact with any SSH server, using Groovy scripts for the ICF operations.

Additional connectors

In addition to the built-in and RCS bundled connectors, ForgeRock supports a number of additional connectors that you can download from the ForgeRock Download Center.

AWS Connector

The AWS connector lets you interact with the AWS IAM service.

Cerner Connector

The Cerner connector lets you interact with Cerner healthcare IT systems.

DocuSign Connector

The DocuSign connector lets you manage DocuSign service accounts and synchronize accounts between DocuSign and the Identity Cloud managed user repository.

Epic Connector

The Epic connector lets you interact with Epic health systems.

Google Apps Connector

The Google Apps connector lets you interact with Google’s web applications.

HubSpot Connector

The HubSpot connector lets you synchronize HubSpot contacts and companies with managed objects in an Identity Cloud repository.

MongoDB Connector

The MongoDB connector is an implementation of the Scripted Groovy Connector. This connector lets you interact with a MongoDB document database, using Groovy scripts for the ICF operations.

PeopleSoft Connector

The PeopleSoft connector lets you interact with Oracle PeopleSoft systems.

SAP Connector

The SAP connector is an implementation of the Scripted Groovy Connector that connects to any SAP system using the SAP JCo Java libraries.

SAP S/4HANA Connector

The SAP S/4HANA connector lets you synchronize user accounts between Identity Cloud and the SAP S/4HANA service.

Copyright © 2010-2022 ForgeRock, all rights reserved.