Identity Cloud

Connector release notes

Release notes for the connectors that are supported with ForgeRockĀ® Identity Cloud software. These release notes cover changes to connectors that have been released since ICF 1.5.18.0.

These release notes cover the ICF connector releases that are supported in a deployment of ForgeRock Identity Cloud.

This document does not describe all ICF connectors. Additional connectors are available from the ForgeRock BackStage download site. If a connector release is listed here, but is not yet on the site, contact ForgeRock Support for access.

ForgeRock Identity Platform™ serves as the basis for our simple and comprehensive Identity and Access Management solution. We help our customers deepen their relationships with their customers, and improve the productivity and connectivity of their employees and partners. For more information about ForgeRock and about the platform, see https://www.forgerock.com.

The ForgeRock Common REST API works across the platform to provide common ways to access web resources and collections of resources.

Release notes overview

Starting in version 1.5.18.0, the ICF Connector Framework and all connectors bundled with Identity Cloud or the Remote Connector Server share a unified version number.

Table 1. Recently Updated Connectors
Version Product Date

1.5.20.2

2021/07/27

1.5.20.1

2021/05/28

1.5.20.0

2021/04/16

1.5.19.6

2021/02/26

1.5.19.5

2021/02/12

1.5.19.4

2021/01/22

1.5.19.3

2020/12/13

1.5.19.2

2020/11/30

1.5.19.1

2020/11/18

1.5.19.0

2020/10/20

1.5.18.0

2020/09/14

Connector changes

See Connector framework changes for details regarding any changes to the ICF Connector Framework that may affect connector behavior.

1.5.20.2

CSV File Connector
  • OPENICF-1677: CSV Connector returns pagedResultsCookie for queries with _pageSize=0.

LDAP Connector
  • OPENICF-1666: LDAP Connector: ldapGroups should restrict membership to the specified contexts.

MSGraph API Connector
  • OPENICF-1656: MS Graph API Connector: Unable to update onPremisesExtensionAttributes.

  • OPENICF-1687: MS Graph API Connector: Should be able to work behind an HTTP Proxy.

  • OPENICF-1698: MS Graph API Connector: get the cause of exception if test() fails.

Workday Connector
  • OPENICF-1689: Workday Connector: Workers transaction logs are filtered.

  • OPENICF-1691: Workday Connector: Reduce Garbage collection when building connector objects.

1.5.20.1

1.5.20.1 is a limited release, where only the Database Table Connector and the RCS Agent were released to Backstage.

Database Table Connector
  • OPENICF-1477: Database Table Connector: ORA-01000: maximum open cursors exceeded

  • OPENICF-1596: PSQLException: FATAL: terminating connection due to idle-in-transaction timeout

1.5.20.0

Generic LDAP Connector
  • OPENICF-1560: LDAP Connector: RFE Disable Paged Results Control

  • OPENICF-1586: LDAP Connector: Timestamp sync strategy: Synchronization filters are not used properly

MongoDB Connector
  • OPENICF-1553: MongoDB Connector: convertBSONtoICF() does not traverse Arrays.

MS Graph API Connector
  • OPENICF-1538: MS Graph API Connector: Sync() does not work

  • OPENICF-1541: MS Graph API Connector: Add ConsistencyLevel: eventual' header and $count=true for endsWith filter

  • OPENICF-1557: MS Graph API Connector: Handle user employeeHireDate attribute and Calendar data type

  • OPENICF-1558: MS Graph API Connector: Make sure sortKey is supported by the objectClass

  • OPENICF-1559: MS Graph API Connector: Implement Authenticate() call

  • OPENICF-1595: MS Graph API Connector: test() should connect to the MS Graph endpoint to validate the connectionThe following known issues will be addressed in a later release:

  • OPENICF-1614: MS Graph API Connector: Livesync on user/group does not populate membership

  • OPENICF-1615: MS Graph API Connector: Deleting Azure AD group works but throws HTTP 500

SCIM Connector
  • OPENICF-1589: SCIM Connector: NPE caused by exception not properly handled

  • OPENICF-1591: SCIM Connector: Parsing OAuth response should not fail on unknown properties

  • OPENICF-1598: SCIM Connector: NPE when updating attribute with null value

  • OPENICF-1600: SCIM Connector: unknown attributes in a query result should not throw parsing exception

  • OPENICF-1601: SCIM Connector: Implement a global connection timeout property

1.5.19.6

No issues specific any connectors were addressed in this release.

1.5.19.5

CSV File Connector
  • OPENICF-1530: system?_action=createFullConfig validation does not return consistent errors

Database Table Connector
Groovy Connector Toolkit
  • OPENICF-1523: ScriptedGroovy connectors fail to load in IDM 7.x when embedded Groovy version does not match IDM Groovy version

MS Graph API Connector
  • OPENICF-1493: MS Graph API Connector: add the ability to read/assign license for the user

  • OPENICF-1499: MS Graph API Connector: remove the maximumConnections property

  • OPENICF-1507: MS Graph API Connector: add the ability to read subscribedSku object

  • OPENICF-1525: MS Graph API Connector: replace the default Graph SDK logger

  • OPENICF-1526: MS Graph API Connector: add the ability to read Team objects

Salesforce Connector
  • OPENICF-1522: Salesforce Connector : implement StatefulConfiguration to allow persistence of accessToken in memory

SCIM Connector
  • OPENICF-1518: SCIM connector: Http client ConnectionManager is not set properly

Workday Connector
  • OPENICF-1504: Workday Connector: SyncToken should be updated even if no events

  • OPENICF-1506: Workday Connector: SyncToken should be set to tenant timestamp after call to sync()

  • OPENICF-1508: Workday Connector: Query on SCR objects should not include date range as a search criteria

1.5.19.4

No issues specific any connectors were addressed in this release.

1.5.19.3

MS Graph API Connector
  • OPENICF-1475: MS Graph API Connector: the 'manager' only returns the id and not the full object

  • OPENICF-1481: MS Graph API Connector: add the ability to assign/remove user’s manager

  • OPENICF-1483: MS Graph API Connector: can’t remove all groups a user belongs to

Salesforce Connector
  • OPENICF-1471: SalesForce Connector: should not implement PoolableConnector interface

1.5.19.2

Generic LDAP Connector
  • OPENICF-1448: LDAP Connector: Enabling changelog livesync for oracle unified directory (OUD)

  • OPENICF-1466: LDAP Connector: Update filterWithOrInsteadOfAnd to apply to timestamp and Active Directory liveSync

  • OPENICF-1470: LDAP Connector: Null Check in ADUserAccounControl.addControl

  • OPENICF-1472: LDAP Connector: Data not synced from AD to IDM via livesync on ALL object

MS Graph API Connector
  • OPENICF-1469: MS Graph API Connector: implement a read/write rate limiter

SCIM Connector
  • OPENICF-1401: SCIM Connector: Align exceptions for not configured (blank/null) configurationProperties

1.5.19.1

MS Graph API Connector
  • OPENICF-1446: MS Graph API Connector: implement PoolableConnector

Salesforce Connector
  • OPENICF-1352: Salesforce connector: pagination and cookies not working properly

SCIM Connector
  • OPENICF-1444: SCIM connector - provide support for 'scope'

SSH Connector
  • OPENICF-1433: SSH connector: Kerberos username prompt for public key and password auth

  • OPENICF-1445: SSH connector: Stale or disconnected SSH sessions are not detected when borrowing from the pool

Workday Connector
  • OPENICF-1383: Workday Connector: Upgrade to API v35.0

  • OPENICF-1419: Workday Connector: Implement Service Center Representative object type

  • OPENICF-1426: Workday Connector: Ability to update email for Service Center Representative object

  • OPENICF-1432: Workday Connector: Implement OR filter

  • OPENICF-1447: Workday Connector: add the Contingent_Worker_ID as a search criteria

1.5.19.0

Starting in version 1.5.19.0, ICF connectors that previously had external library dependencies now have those dependencies bundled inside the connector.

Initial release of the MS Graph API Connector.

Generic LDAP Connector
  • OPENICF-1388: LDAP Connector 1.5.5.0 throws java.lang.NoSuchMethodError on Java 8

  • OPENICF-1396: OPENIDM-15448 changes seemingly broke querying ldap via the data tab

Groovy Connector Toolkit
  • OPENICF-1414: Scripted Groovy (v3) based connectors fail to load with IDM releases prior to 7.0

1.5.18.0

Starting in version 1.5.18.0, the ICF Connector Framework and all connectors bundled with Identity Cloud share a unified version number.

No issues specific any connectors were addressed in this release.

Remote connector server changes

See Connector framework changes for details regarding any changes to the ICF Connector Framework that may affect RCS behavior.

1.5.20.2

  • OPENICF-1655: Java RCS: When using TLS, the RCS does not work behind a proxy.

1.5.20.0

  • OPENICF-1366: Java Connector Server: /setDefaults does not revert config to default properly

  • OPENICF-1502: RCS: requests not cancelled when websocket closes

  • OPENICF-1540: RCS: requests bearer token from AM, but doesn’t look for error status code in response

  • OPENICF-1544: Fix double-checked locking in WebSocketConnectionGroup

  • OPENICF-1549: Update default ConnectorServer.properties

  • OPENICF-1555: Clarify locking behavior in ConnectorServer for Grizzly server lifecycle

  • OPENICF-1561: RCS: Reduce log level for common debug messages

1.5.19.6

  • OPENIDM-16178: IDM recon would fail w/ remote Java connector server

1.5.19.5

  • OPENICF-1516: Failed ICF Search Query confuses total number of search results

  • OPENICF-1520: Java RCS: Connection groups can accumulate many more websockets than they should have

1.5.19.4

  • OPENICF-1485: Java RCS: Non operational ConnectionGroup should be closed and removed

  • OPENICF-1486: Java RCS: Connection housekeeping task may stop running

  • OPENICF-1494: Java RCS: Housekeeping task gets blocked

  • OPENICF-1500: Java RCS: Improve default logging

1.5.19.3

  • OPENICF-1482: Java RCS: fails to reestablish connections to IDM after IDM is restarted

1.5.19.2

  • OPENICF-1467: RCS: endless loops on connection loss and shutdown

1.5.19.1

No issues specific to the Remote Connector Server were addressed in this release.

1.5.19.0

  • OPENICF-1393: Java Connector Server: useSSL property use should be clarified

  • OPENICF-1394: missing connectorserver.scope in connectorserver property file

  • OPENICF-1395: Investigate and clean up the following start up error message

  • OPENICF-1397: Java Connector Server: javax.net.ssl trustStore and keyStore properties should be set

  • OPENICF-1399: restarting IDM with active RCS causes RCS to decrement websocket connection count

  • OPENICF-1400: Java Connector Server: Property name usessl should match docs and code

  • OPENICF-1404: Java connector server proxy config for port is incorrect

  • OPENICF-1407: Java RCS: Incorrect url in Debug message of HttpRequestPacket header for non-SSL

  • OPENICF-1408: Java RCS: NPE when we set proxyHost for client mode

1.5.18.0

  • OPENICF-1371: Java Connector server does not always reestablish closed websockets

  • OPENICF-1390: Java RCS: Prevent use of websockets that are about to be closed

  • OPENICF-1392: Java Connector Server: TTL should be in seconds

RCS Agent changes

See Connector framework changes for details regarding any changes to the ICF Connector Framework that may affect RCS Agent behavior.

1.5.20.1

Version 1.5.20.1 of the RCS Agent addresses an issue with scopes being improperly handled when using OAuth for authentication with RCS.

1.5.20.0

This is the first public release of the RCS Agent. The RCS Agent is a smart websocket proxy used to connect Identity Cloud and RCS. For more information about the RCS Agent, see Configure RCS using the RCS Agent.

  • OPENICF-1550: RCS Agent: improve tracking sync request/responses

  • OPENICF-1552: RCS Agent files available for customers to create their own Docker image

  • OPENICF-1563: RCS Agent: update Maven dependencies

Connector framework changes

1.5.20.0

For a list of security issues addressed in this release, see the related Security Advisory in the ForgeRock Knowledge Base.

  • OPENICF-1566: Framework: ICF Jetty servlet default maxMessageSize is too small

1.5.19.6

No issues specific to the ICF Connector Framework were addressed in this release.

1.5.19.5

No issues specific to the ICF Connector Framework were addressed in this release.

1.5.19.4

No issues specific to the ICF Connector Framework were addressed in this release.

1.5.19.3

No issues specific to the ICF Connector Framework were addressed in this release.

1.5.19.2

No issues specific to the ICF Connector Framework were addressed in this release.

1.5.19.1

No issues specific to the ICF Connector Framework were addressed in this release.

1.5.19.0

Starting in version 1.5.19.0, ICF connectors that previously had external library dependencies now have those dependencies bundled inside the connector.

  • OPENICF-1413: Use framework version 1.5.11.0 for ldap-connector to support Java8-compatible release

  • OPENICF-1414: Scripted Groovy (v3) based connectors fail to load with IDM releases prior to 7.0

1.5.18.0

Starting in version 1.5.18.0, the ICF Connector Framework and all connectors bundled with Identity Cloud share a unified version number.

No issues specific to the ICF Connector Framework were addressed in this release.

Copyright Ā© 2010-2022 ForgeRock, all rights reserved.