Configure Connectors Over REST
Important
Connectors continue to be released outside the IDM release. For the latest documentation, refer to the ICF documentation.
To create a new connector configuration over REST, follow these steps:
List the available connectors.
Generate the core configuration.
Add the target system properties, then connect to the target system to generate the final configuration.
Submit the final configuration to IDM.
This procedure walks you through creating a connector configuration over REST, for a CSV file connector.
List the available connectors.
In a default IDM installation, the available connectors are installed in the
openidm/connectors
directory. If you are using a remote connector server, additional connectors might be available in theopenicf/connectors
directory on the remote server.Run the following command to list the available connectors:
curl \ --header "X-OpenIDM-Username: openidm-admin" \ --header "X-OpenIDM-Password: openidm-admin" \ --header "Accept-API-Version: resource=1.0" \ --request POST \ "http://localhost:8080/openidm/system?_action=availableConnectors"
On a default IDM installation, this command returns the following output:
{ "connectorRef": [ { "displayName": "SSH Connector", "bundleVersion": "1.5.20.12", "systemType": "provisioner.openicf", "bundleName": "org.forgerock.openicf.connectors.ssh-connector", "connectorName": "org.forgerock.openicf.connectors.ssh.SSHConnector" }, { "displayName": "ServiceNow Connector", "bundleVersion": "1.5.20.12", "systemType": "provisioner.openicf", "bundleName": "org.forgerock.openicf.connectors.servicenow-connector", "connectorName": "org.forgerock.openicf.connectors.servicenow.ServiceNowConnector" }, { "displayName": "Scripted SQL Connector", "bundleVersion": "1.5.20.12", "systemType": "provisioner.openicf", "bundleName": "org.forgerock.openicf.connectors.scriptedsql-connector", "connectorName": "org.forgerock.openicf.connectors.scriptedsql.ScriptedSQLConnector" }, { "displayName": "Scripted REST Connector", "bundleVersion": "1.5.20.12", "systemType": "provisioner.openicf", "bundleName": "org.forgerock.openicf.connectors.scriptedrest-connector", "connectorName": "org.forgerock.openicf.connectors.scriptedrest.ScriptedRESTConnector" }, { "displayName": "Scim Connector", "bundleVersion": "1.5.20.12", "systemType": "provisioner.openicf", "bundleName": "org.forgerock.openicf.connectors.scim-connector", "connectorName": "org.forgerock.openicf.connectors.scim.ScimConnector" }, { "displayName":"Salesforce Connector", "bundleVersion":"1.5.20.12", "systemType":"provisioner.openicf", "bundleName":"org.forgerock.openicf.connectors.salesforce-connector", "connectorName":"org.forgerock.openicf.connectors.salesforce.SalesforceConnector" }, { "displayName":"MSGraphAPI Connector", "bundleVersion":"1.5.20.12", "systemType":"provisioner.openicf", "bundleName":"org.forgerock.openicf.connectors.msgraphapi-connector", "connectorName":"org.forgerock.openicf.connectors.msgraphapi.MSGraphAPIConnector" }, { "displayName": "MongoDB Connector", "bundleVersion": "1.5.20.12", "systemType": "provisioner.openicf", "bundleName": "org.forgerock.openicf.connectors.mongodb-connector", "connectorName": "org.forgerock.openicf.connectors.mongodb.MongoDBConnector" }, { "displayName": "Marketo Connector", "bundleVersion": "1.5.20.12", "systemType": "provisioner.openicf", "bundleName": "org.forgerock.openicf.connectors.marketo-connector", "connectorName": "org.forgerock.openicf.connectors.marketo.MarketoConnector" }, { "displayName": "LDAP Connector", "bundleVersion": "1.5.20.12", "systemType": "provisioner.openicf", "bundleName": "org.forgerock.openicf.connectors.ldap-connector", "connectorName": "org.identityconnectors.ldap.LdapConnector" }, { "displayName": "Kerberos Connector", "bundleVersion": "1.5.20.12", "systemType": "provisioner.openicf", "bundleName": "org.forgerock.openicf.connectors.kerberos-connector", "connectorName": "org.forgerock.openicf.connectors.kerberos.KerberosConnector" }, { "displayName": "Scripted Poolable Groovy Connector", "bundleVersion": "1.5.20.12", "systemType": "provisioner.openicf", "bundleName": "org.forgerock.openicf.connectors.groovy-connector", "connectorName": "org.forgerock.openicf.connectors.groovy.ScriptedPoolableConnector" }, { "displayName": "Scripted Groovy Connector", "bundleVersion": "1.5.20.12", "systemType": "provisioner.openicf", "bundleName": "org.forgerock.openicf.connectors.groovy-connector", "connectorName": "org.forgerock.openicf.connectors.groovy.ScriptedConnector" }, { "displayName": "GoogleApps Connector", "bundleVersion": "1.5.20.12", "systemType": "provisioner.openicf", "bundleName": "org.forgerock.openicf.connectors.googleapps-connector", "connectorName": "org.forgerock.openicf.connectors.googleapps.GoogleAppsConnector" }, { "displayName": "Database Table Connector", "bundleVersion": "1.5.20.12", "systemType": "provisioner.openicf", "bundleName": "org.forgerock.openicf.connectors.databasetable-connector", "connectorName": "org.identityconnectors.databasetable.DatabaseTableConnector" }, { "displayName": "CSV File Connector", "bundleVersion": "1.5.20.12", "systemType": "provisioner.openicf", "bundleName": "org.forgerock.openicf.connectors.csvfile-connector", "connectorName": "org.forgerock.openicf.csvfile.CSVFileConnector" }, { "displayName": "Adobe Marketing Cloud Connector", "bundleVersion": "1.5.20.12", "systemType": "provisioner.openicf", "bundleName": "org.forgerock.openicf.connectors.adobecm-connector", "connectorName": "org.forgerock.openicf.acm.ACMConnector" } ] }
Generate a core configuration.
Locate the connector to configure from the previous step's output, and copy the JSON object to insert as the value of the
"connectorRef"
property in thedata
payload of the following command.This example generates a core configuration for the CSV file connector:
curl \ --header "X-OpenIDM-Username: openidm-admin" \ --header "X-OpenIDM-Password: openidm-admin" \ --header "Accept-API-Version: resource=1.0" \ --header "Content-Type: application/json" \ --request POST \ --data '{"connectorRef": { "systemType": "provisioner.openicf", "bundleName": "org.forgerock.openicf.connectors.csvfile-connector", "connectorName": "org.forgerock.openicf.csvfile.CSVFileConnector", "displayName": "CSV File Connector", "bundleVersion": "1.5.20.12" } }' \ "http://localhost:8080/openidm/system?_action=createCoreConfig"
The command returns a connector configuration, similar to the following:
{ "connectorRef": { "systemType": "provisioner.openicf", "bundleName": "org.forgerock.openicf.connectors.csvfile-connector", "connectorName": "org.forgerock.openicf.csvfile.CSVFileConnector", "displayName": "CSV File Connector", "bundleVersion": "1.5.20.12" }, "poolConfigOption": { "maxObjects": 10, "maxIdle": 10, "maxWait": 150000, "minEvictableIdleTimeMillis": 120000, "minIdle": 1 }, "resultsHandlerConfig": { "enableNormalizingResultsHandler": false, "enableFilteredResultsHandler": false, "enableCaseInsensitiveFilter": false, "enableAttributesToGetSearchResultsHandler": true }, "operationTimeout": { "CREATE": -1, "UPDATE": -1, "DELETE": -1, "TEST": -1, "SCRIPT_ON_CONNECTOR": -1, "SCRIPT_ON_RESOURCE": -1, "GET": -1, "RESOLVEUSERNAME": -1, "AUTHENTICATE": -1, "SEARCH": -1, "VALIDATE": -1, "SYNC": -1, "SCHEMA": -1 }, "configurationProperties": { "headerPassword": "password", "spaceReplacementString": "_", "csvFile": null, "newlineString": "\n", "headerUid": "uid", "quoteCharacter": "\"", "escapeCharacter": "\\", "fieldDelimiter": ",", "syncFileRetentionCount": 3 } }
Connect to the target system to generate the final configuration.
The configuration returned in the previous step is not functional. It does not include the required
configurationProperties
that are specific to the target system (such as the host name and port number of the target system, or thecsvFile
for a CSV file connector). It also doesn't include the complete list ofobjectTypes
andoperationOptions
.To connect to the target system, add values for the required
configurationProperties
, and submit the updated configuration in the data payload of the following command.This example connects to the specified CSV file:
curl \ --header "X-OpenIDM-Username: openidm-admin" \ --header "X-OpenIDM-Password: openidm-admin" \ --header "Accept-API-Version: resource=1.0" \ --header "Content-Type: application/json" \ --request POST \ --data '{ "configurationProperties": { "headerPassword": "password", "spaceReplacementString": "_", "csvFile": "&{idm.instance.dir}/data/csvConnectorData.csv", "newlineString": "\n", "headerUid": "uid", "quoteCharacter": "\"", "fieldDelimiter": ",", "syncFileRetentionCount": 3 }, "connectorRef": { "systemType": "provisioner.openicf", "bundleName": "org.forgerock.openicf.connectors.csvfile-connector", "connectorName": "org.forgerock.openicf.csvfile.CSVFileConnector", "displayName": "CSV File Connector", "bundleVersion": "1.5.20.12" }, "poolConfigOption": { "maxObjects": 10, "maxIdle": 10, "maxWait": 150000, "minEvictableIdleTimeMillis": 120000, "minIdle": 1 }, "resultsHandlerConfig": { "enableNormalizingResultsHandler": true, "enableFilteredResultsHandler": true, "enableCaseInsensitiveFilter": false, "enableAttributesToGetSearchResultsHandler": true }, "operationTimeout": { "CREATE": -1, "UPDATE": -1, "DELETE": -1, "TEST": -1, "SCRIPT_ON_CONNECTOR": -1, "SCRIPT_ON_RESOURCE": -1, "GET": -1, "RESOLVEUSERNAME": -1, "AUTHENTICATE": -1, "SEARCH": -1, "VALIDATE": -1, "SYNC": -1, "SCHEMA": -1 } }' \ "http://localhost:8080/openidm/system?_action=createFullConfig"
Note
The single quotes around the JSON object in the
--data
parameter prevent the command from being executed when a new line is encountered in the content. You can therefore include line feeds for readability.With this command, IDM connects to the target resource, and attempts to read the schema, if it is available. It then iterates through the schema objects and attributes, and creates JSON representations of the supported objects and operations. The command output includes the JSON payload that you submitted, along with the
operationOptions
andobjectTypes
.Important
Because IDM produces a full property set for all attributes and all object types in the schema, the resulting configuration can be very large. For an LDAP server, for example, IDM can generate a configuration containing several tens of thousands of lines. It might be useful to reduce the schema on the external resource to a minimum before you run the
createFullConfig
command.When you have the final configuration, use a PUT request to add it to the IDM configuration, in the JSON payload of the following command:
curl \ --header "X-OpenIDM-Username: openidm-admin" \ --header "X-OpenIDM-Password: openidm-admin" \ --header "Accept-API-Version: resource=1.0" \ --header "Content-Type: application/json" \ --request PUT \ --data '{complete-configuration}' \ "http://localhost:8080/openidm/config/provisioner.openicf/connector-name"
Alternatively, you can save the complete configuration in a file named
provisioner.openicf-connector-name.json
, and place the file in theconf
directory of your project.