Configure Connectors Over REST

To create a new connector configuration over REST, follow these steps:

  1. List the available connectors.

  2. Generate the core configuration.

  3. Add the target system properties, then connect to the target system to generate the final configuration.

  4. Submit the final configuration to IDM.

This procedure walks you through creating a connector configuration over REST, for a CSV file connector.

  1. List the available connectors.

    In a default IDM installation, the available connectors are installed in the openidm/connectors directory. If you are using a remote connector server, additional connectors might be available in the openicf/connectors directory on the remote server.

    Run the following command to list the available connectors:

    curl \
    --header "X-OpenIDM-Username: openidm-admin" \
    --header "X-OpenIDM-Password: openidm-admin" \
    --header "Accept-API-Version: resource=1.0" \
    --request POST \
    "http://localhost:8080/openidm/system?_action=availableConnectors"

    On a default IDM installation, this command returns the following output:

    {
      "connectorRef": [
        {
          "displayName": "SSH Connector",
          "bundleVersion": "1.5.20.0",
          "systemType": "provisioner.openicf",
          "bundleName": "org.forgerock.openicf.connectors.ssh-connector",
          "connectorName": "org.forgerock.openicf.connectors.ssh.SSHConnector"
        },
        {
          "displayName": "ServiceNow Connector",
          "bundleVersion": "1.5.20.0",
          "systemType": "provisioner.openicf",
          "bundleName": "org.forgerock.openicf.connectors.servicenow-connector",
          "connectorName": "org.forgerock.openicf.connectors.servicenow.ServiceNowConnector"
        },
        {
          "displayName": "Scripted SQL Connector",
          "bundleVersion": "1.5.20.0",
          "systemType": "provisioner.openicf",
          "bundleName": "org.forgerock.openicf.connectors.scriptedsql-connector",
          "connectorName": "org.forgerock.openicf.connectors.scriptedsql.ScriptedSQLConnector"
        },
        {
          "displayName": "Scripted REST Connector",
          "bundleVersion": "1.5.20.0",
          "systemType": "provisioner.openicf",
          "bundleName": "org.forgerock.openicf.connectors.scriptedrest-connector",
          "connectorName": "org.forgerock.openicf.connectors.scriptedrest.ScriptedRESTConnector"
        },
        {
          "displayName": "Scim Connector",
          "bundleVersion": "1.5.20.0",
          "systemType": "provisioner.openicf",
          "bundleName": "org.forgerock.openicf.connectors.scim-connector",
          "connectorName": "org.forgerock.openicf.connectors.scim.ScimConnector"
        },
        {
          "displayName":"Salesforce Connector",
          "bundleVersion":"1.5.20.0",
          "systemType":"provisioner.openicf",
          "bundleName":"org.forgerock.openicf.connectors.salesforce-connector",
          "connectorName":"org.forgerock.openicf.connectors.salesforce.SalesforceConnector"
        },
        {
          "displayName": "MongoDB Connector",
          "bundleVersion": "1.5.20.0",
          "systemType": "provisioner.openicf",
          "bundleName": "org.forgerock.openicf.connectors.mongodb-connector",
          "connectorName": "org.forgerock.openicf.connectors.mongodb.MongoDBConnector"
        },
        {
          "displayName": "Marketo Connector",
          "bundleVersion": "1.5.20.0",
          "systemType": "provisioner.openicf",
          "bundleName": "org.forgerock.openicf.connectors.marketo-connector",
          "connectorName": "org.forgerock.openicf.connectors.marketo.MarketoConnector"
        },
        {
          "displayName": "LDAP Connector",
          "bundleVersion": "1.5.20.0",
          "systemType": "provisioner.openicf",
          "bundleName": "org.forgerock.openicf.connectors.ldap-connector",
          "connectorName": "org.identityconnectors.ldap.LdapConnector"
        },
        {
          "displayName": "Kerberos Connector",
          "bundleVersion": "1.5.20.0",
          "systemType": "provisioner.openicf",
          "bundleName": "org.forgerock.openicf.connectors.kerberos-connector",
          "connectorName": "org.forgerock.openicf.connectors.kerberos.KerberosConnector"
        },
        {
          "displayName": "Scripted Poolable Groovy Connector",
          "bundleVersion": "1.5.5.0",
          "systemType": "provisioner.openicf",
          "bundleName": "org.forgerock.openicf.connectors.groovy-connector",
          "connectorName": "org.forgerock.openicf.connectors.groovy.ScriptedPoolableConnector"
        },
        {
          "displayName": "Scripted Groovy Connector",
          "bundleVersion": "1.5.20.0",
          "systemType": "provisioner.openicf",
          "bundleName": "org.forgerock.openicf.connectors.groovy-connector",
          "connectorName": "org.forgerock.openicf.connectors.groovy.ScriptedConnector"
        },
        {
          "displayName": "GoogleApps Connector",
          "bundleVersion": "1.5.20.0",
          "systemType": "provisioner.openicf",
          "bundleName": "org.forgerock.openicf.connectors.googleapps-connector",
          "connectorName": "org.forgerock.openicf.connectors.googleapps.GoogleAppsConnector"
        },
        {
          "displayName": "Database Table Connector",
          "bundleVersion": "1.5.20.0",
          "systemType": "provisioner.openicf",
          "bundleName": "org.forgerock.openicf.connectors.databasetable-connector",
          "connectorName": "org.identityconnectors.databasetable.DatabaseTableConnector"
        },
        {
          "displayName": "CSV File Connector",
          "bundleVersion": "1.5.20.0",
          "systemType": "provisioner.openicf",
          "bundleName": "org.forgerock.openicf.connectors.csvfile-connector",
          "connectorName": "org.forgerock.openicf.csvfile.CSVFileConnector"
        },
        {
          "displayName": "Adobe Marketing Cloud Connector",
          "bundleVersion": "1.5.20.0",
          "systemType": "provisioner.openicf",
          "bundleName": "org.forgerock.openicf.connectors.adobecm-connector",
          "connectorName": "org.forgerock.openicf.acm.ACMConnector"
        }
      ]
    }
  2. Generate a core configuration.

    Locate the connector to configure from the previous step's output, and copy the JSON object to insert as the value of the "connectorRef" property in the data payload of the following command.

    This example generates a core configuration for the CSV file connector:

    curl \
    --header "X-OpenIDM-Username: openidm-admin" \
    --header "X-OpenIDM-Password: openidm-admin" \
    --header "Accept-API-Version: resource=1.0" \
    --header "Content-Type: application/json" \
    --request POST \
    --data '{"connectorRef":
      {
        "systemType": "provisioner.openicf",
        "bundleName": "org.forgerock.openicf.connectors.csvfile-connector",
        "connectorName": "org.forgerock.openicf.csvfile.CSVFileConnector",
        "displayName": "CSV File Connector",
        "bundleVersion": "1.5.20.0"
      }
    }' \
    "http://localhost:8080/openidm/system?_action=createCoreConfig"

    The command returns a connector configuration, similar to the following:

    {
      "connectorRef": {
        "systemType": "provisioner.openicf",
        "bundleName": "org.forgerock.openicf.connectors.csvfile-connector",
        "connectorName": "org.forgerock.openicf.csvfile.CSVFileConnector",
        "displayName": "CSV File Connector",
        "bundleVersion": "1.5.20.0"
      },
      "poolConfigOption": {
        "maxObjects": 10,
        "maxIdle": 10,
        "maxWait": 150000,
        "minEvictableIdleTimeMillis": 120000,
        "minIdle": 1
      },
      "resultsHandlerConfig": {
        "enableNormalizingResultsHandler": false,
        "enableFilteredResultsHandler": false,
        "enableCaseInsensitiveFilter": false,
        "enableAttributesToGetSearchResultsHandler": true
      },
      "operationTimeout": {
        "CREATE": -1,
        "UPDATE": -1,
        "DELETE": -1,
        "TEST": -1,
        "SCRIPT_ON_CONNECTOR": -1,
        "SCRIPT_ON_RESOURCE": -1,
        "GET": -1,
        "RESOLVEUSERNAME": -1,
        "AUTHENTICATE": -1,
        "SEARCH": -1,
        "VALIDATE": -1,
        "SYNC": -1,
        "SCHEMA": -1
      },
      "configurationProperties": {
        "headerPassword": "password",
        "spaceReplacementString": "_",
        "csvFile": null,
        "newlineString": "\n",
        "headerUid": "uid",
        "quoteCharacter": "\"",
        "fieldDelimiter": ",",
        "syncFileRetentionCount": 3
      }
    }
  3. Connect to the target system to generate the final configuration.

    The configuration returned in the previous step is not functional. It does not include the required configurationProperties that are specific to the target system (such as the host name and port number of the target system, or the csvFile for a CSV file connector). It also doesn't include the complete list of objectTypes and operationOptions.

    To connect to the target system, add values for the required configurationProperties, and submit the updated configuration in the data payload of the following command.

    This example connects to the specified CSV file:

    curl \
    --header "X-OpenIDM-Username: openidm-admin" \
    --header "X-OpenIDM-Password: openidm-admin" \
    --header "Accept-API-Version: resource=1.0" \
    --header "Content-Type: application/json" \
    --request POST \
    --data '{
      "configurationProperties": {
        "headerPassword": "password",
        "spaceReplacementString": "_",
        "csvFile": "&{idm.instance.dir}/data/csvConnectorData.csv",
        "newlineString": "\n",
        "headerUid": "uid",
        "quoteCharacter": "\"",
        "fieldDelimiter": ",",
        "syncFileRetentionCount": 3
      },
      "connectorRef": {
        "systemType": "provisioner.openicf",
        "bundleName": "org.forgerock.openicf.connectors.csvfile-connector",
        "connectorName": "org.forgerock.openicf.csvfile.CSVFileConnector",
        "displayName": "CSV File Connector",
        "bundleVersion": "1.5.20.0"
      },
      "poolConfigOption": {
        "maxObjects": 10,
        "maxIdle": 10,
        "maxWait": 150000,
        "minEvictableIdleTimeMillis": 120000,
        "minIdle": 1
      },
      "resultsHandlerConfig": {
        "enableNormalizingResultsHandler": true,
        "enableFilteredResultsHandler": true,
        "enableCaseInsensitiveFilter": false,
        "enableAttributesToGetSearchResultsHandler": true
      },
      "operationTimeout": {
        "CREATE": -1,
        "UPDATE": -1,
        "DELETE": -1,
        "TEST": -1,
        "SCRIPT_ON_CONNECTOR": -1,
        "SCRIPT_ON_RESOURCE": -1,
        "GET": -1,
        "RESOLVEUSERNAME": -1,
        "AUTHENTICATE": -1,
        "SEARCH": -1,
        "VALIDATE": -1,
        "SYNC": -1,
        "SCHEMA": -1
      }
    }' \
    "http://localhost:8080/openidm/system?_action=createFullConfig"

    Note

    The single quotes around the JSON object in the --data parameter prevent the command from being executed when a new line is encountered in the content. You can therefore include line feeds for readability.

    With this command, IDM connects to the target resource, and attempts to read the schema, if it is available. It then iterates through the schema objects and attributes, and creates JSON representations of the supported objects and operations. The command output includes the JSON payload that you submitted, along with the operationOptions and objectTypes.

    Important

    Because IDM produces a full property set for all attributes and all object types in the schema, the resulting configuration can be very large. For an LDAP server, for example, IDM can generate a configuration containing several tens of thousands of lines. It might be useful to reduce the schema on the external resource to a minimum before you run the createFullConfig command.

  4. When you have the final configuration, use a PUT request to add it to the IDM configuration, in the JSON payload of the following command:

    curl \
    --header "X-OpenIDM-Username: openidm-admin" \
    --header "X-OpenIDM-Password: openidm-admin" \
    --header "Accept-API-Version: resource=1.0" \
    --header "Content-Type: application/json" \
    --request PUT \
    --data '{complete-configuration}' \
    "http://localhost:8080/openidm/config/provisioner.openicf-connector-name"
         

    Alternatively, you can save the complete configuration in a file named provisioner.openicf-connector-name.json, and place the file in the conf directory of your project.

Read a different version of :