How To
ForgeRock Identity Platform
Does not apply to Identity Cloud

How do I create a new connector configuration via REST in IDM (All versions)?

Last updated Apr 8, 2021

The purpose of this article is to provide information on creating a new connector configuration (provisioner file) via REST in IDM. This article demonstrates creating an LDAP connector configuration, but you can use the same principles to create any connector configuration via the REST API.


Creating a connector configuration

To create an LDAP connector configuration:

  1. Output all the configuration details using the following curl command:
    • IDM 7 and later: $ curl -X GET -H "X-OpenIDM-Username: openidm-admin" -H "X-OpenIDM-Password: openidm-admin" -H "Accept-API-Version: resource=1.0" -H "Content-Type: application/json" http://localhost:8080/openidm/config
    • Pre-IDM 7: $ curl -X GET -H "X-OpenIDM-Username: openidm-admin" -H "X-OpenIDM-Password: openidm-admin" -H "Content-Type: application/json" http://localhost:8080/openidm/config

This command returns a full list of the different configuration IDs, with each one representing a subsystem or component in your IDM instance. The following details are relevant for creating the LDAP connector:

    {
      "_id": "provisioner.openicf/ldap",
      "pid": "provisioner.openicf.7132376d-a10d-4ffd-8b34-633f6d44e985",
      "factoryPid": "provisioner.openicf"
    }

  2. Output details for the standard LDAP connector configuration using the following curl command with the _id value identified in step 1:
    • IDM 7 and later: $ curl -X GET -H "X-OpenIDM-Username: openidm-admin" -H "X-OpenIDM-Password: openidm-admin" -H "Accept-API-Version: resource=1.0" -H "Content-Type: application/json" http://localhost:8080/openidm/config/provisioner.openicf/ldap
    • Pre-IDM 7: $ curl -X GET -H "X-OpenIDM-Username: openidm-admin" -H "X-OpenIDM-Password: openidm-admin" -H "Content-Type: application/json" http://localhost:8080/openidm/config/provisioner.openicf/ldap

This command returns the entire JSON configuration object for the LDAP connector, for example:

    {
      "_id": "provisioner.openicf/ldap",
      "name": "ldap",
      "connectorRef": {
        "bundleName": "org.forgerock.openicf.connectors.ldap-connector",
        "bundleVersion": "[1.4.0.0,2.0.0.0)",
        "connectorName": "org.identityconnectors.ldap.LdapConnector"
      },
      "configurationProperties": {
        "host": "localhost",
        "port": 1389,
        "ssl": false,
        "principal": "uid=admin",
        "credentials": {
          "$crypto": {
            "value": {
              "iv": "l0X7XU5U5cICjOOoab7c+g==",
              "data": "56txTbcXYQDwPgL5R140Fg==",
              "cipher": "AES/CBC/PKCS5Padding",
              "key": "openidm-sym-default"
            },
            "type": "x-simple-encryption"
          }
        },
        "baseContexts": [
          "dc=example,dc=com"
        ],
        "baseContextsToSynchronize": [
          "dc=example,dc=com"
        ],
        "accountSearchFilter": null,
        [...]
    }

  3. Create a new LDAP connector configuration using the output returned in step 2 as a template. You will need to change at least the "_id", "name" and "credentials" plus customize any other details required for your new connector. You should enter the credentials as clear text. For example, to create a new connector configuration with an _id of ldapNew:
    • IDM 7 and later:
      $ curl -X PUT \
        -H "X-OpenIDM-Username: openidm-admin" \
        -H "X-OpenIDM-Password: openidm-admin" \
        -H "Accept-API-Version: resource=1.0" \
        -H "Content-Type: application/json" \
        -d '{
          "_id": "provisioner.openicf/ldapNew",
          "name": "ldapNew",
          "connectorRef": {
            "bundleName": "org.forgerock.openicf.connectors.ldap-connector",
            "bundleVersion": "[1.4.0.0,2.0.0.0)",
            "connectorName": "org.identityconnectors.ldap.LdapConnector"
          },
          "configurationProperties": {
            "host": "localhost",
            "port": 1389,
            "ssl": false,
            "principal": "uid=admin",
            "credentials": "Passw0rd",
            "baseContexts": [
              "dc=example,dc=com"
            ],
            "baseContextsToSynchronize": [
              "dc=example,dc=com"
            ],
            "accountSearchFilter": null,
            [...]
        }' \
        http://localhost:8080/openidm/config/provisioner.openicf/ldapNew
    • Pre-IDM 7:
      $ curl -X PUT \
        -H "X-OpenIDM-Username: openidm-admin" \
        -H "X-OpenIDM-Password: openidm-admin" \
        -H "Content-Type: application/json" \
        -d '{
          "_id": "provisioner.openicf/ldapNew",
          "name": "ldapNew",
          "connectorRef": {
            "bundleName": "org.forgerock.openicf.connectors.ldap-connector",
            "bundleVersion": "[1.4.0.0,2.0.0.0)",
            "connectorName": "org.identityconnectors.ldap.LdapConnector"
          },
          "configurationProperties": {
            "host": "localhost",
            "port": 1389,
            "ssl": false,
            "principal": "cn=Directory Manager",
            "credentials": "Passw0rd",
            "baseContexts": [
              "dc=example,dc=com"
            ],
            "baseContextsToSynchronize": [
              "dc=example,dc=com"
            ],
            "accountSearchFilter": null,
            [...]
        }' \
        http://localhost:8080/openidm/config/provisioner.openicf/ldapNew

This command creates the connector configuration and the corresponding provisioner.openicf-ldapNew.json file in the /path/to/idm/conf directory.
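
The three steps above as an added Python example, not code from ForgeRock or from this article: it derives the step 3 request body from a step 2 template, swaps the encrypted "$crypto" credentials for the clear-text value, and prepares the IDM 7 and later PUT without sending it. The function names, the trimmed TEMPLATE and the alphanumeric name check are assumptions of this example.

```python
import copy
import json
import urllib.request
# Constructed sample: trimmed copy of the step 2 response shown in this article.
TEMPLATE = {
    "_id": "provisioner.openicf/ldap", "name": "ldap",
    "connectorRef": {
        "bundleName": "org.forgerock.openicf.connectors.ldap-connector",
        "bundleVersion": "[1.4.0.0,2.0.0.0)",
        "connectorName": "org.identityconnectors.ldap.LdapConnector"},
    "configurationProperties": {
        "host": "localhost", "port": 1389, "ssl": False, "principal": "uid=admin",
        "credentials": {"$crypto": {"type": "x-simple-encryption", "value": {}}},
        "baseContexts": ["dc=example,dc=com"]},
}

def derive_connector(template, new_name, bind_password):
    """Build the step 3 request body from the step 2 template."""
    # Assumption of this example: ASCII alphanumeric names only (URL and file name).
    if not (new_name.isascii() and new_name.isalnum()):
        raise ValueError("connector name must be alphanumeric")
    if not isinstance(bind_password, str) or not bind_password:
        raise ValueError("credentials must be a non-empty clear-text string")
    cfg = copy.deepcopy(template)  # leave the fetched template untouched
    cfg["_id"] = "provisioner.openicf/" + new_name
    cfg["name"] = new_name
    cfg["configurationProperties"]["credentials"] = bind_password
    return cfg

def leftover_crypto(node, path=""):
    """Return JSON paths that still hold a "$crypto" object from the template."""
    if isinstance(node, dict):
        here = [path or "/"] if "$crypto" in node else []
        return here + [p for k, v in node.items()
                       for p in leftover_crypto(v, path + "/" + k)]
    if isinstance(node, list):
        return [p for i, v in enumerate(node)
                for p in leftover_crypto(v, "%s/%d" % (path, i))]
    return []

def build_put(base_url, cfg, admin_user, admin_password):
    """Prepare, without sending, the IDM 7 and later PUT request from step 3."""
    if leftover_crypto(cfg):
        raise ValueError("encrypted values copied from template")
    headers = {"X-OpenIDM-Username": admin_user, "X-OpenIDM-Password": admin_password,
               "Accept-API-Version": "resource=1.0", "Content-Type": "application/json"}
    return urllib.request.Request(base_url.rstrip("/") + "/config/" + cfg["_id"],
                                  data=json.dumps(cfg).encode(), headers=headers, method="PUT")
```

Send the prepared request with urllib.request.urlopen(). Reading the bind password from a prompt or environment variable, rather than typing it into the command, keeps it out of shell history.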

See Also

How do I find the available parameters for inclusion in the provisioner configuration file for a connector in IDM (All versions)?

How do I configure the LDAP connector in Identity Cloud or IDM (All versions) for LDAP failover?

How do I configure pooled connections for a connector in IDM (All versions)?

Connectors Guide › Configure Connectors


Copyright and Trademarks Copyright © 2021 ForgeRock, all rights reserved.