Learn about the tasks that you must complete before you install the Generic REST connector.
You can obtain the installation package for the Generic REST connector on the Oracle Technology Network (OTN) website.
Create a schema file to help the connector understand the underlying structure of your target system.
The following is the format for describing parent form fields:
<FIELDNAME>.<FIELDQUALIFIER>=<VALUE>
Example: UserId.Required=true
The following is the format for describing complex child form fields:
<FIELDNAME>.<SUBFIELDNAME>.<FIELDQUALIFIER>=<VALUE>.
Example: Roles.fromdate.DataType=Long
Each entry must be in a single line in the following format:
PropertyName=PropertyValue
Any space characters that appear between the property name and property value is ignored. For example, the following three entries are all the same:
StatusAttribute=AccountStatus
StatusAttribute = AccountStatus
StatusAttribute= AccountStatus
Comments help you and others referring the schema understand its entries better. Any entry or line that begins with the number sign (#) is ignored by the metadata generator.
Unless specified, the default data type for all fields is String.
Note:
You must create the schema.properties file on the computer on which you intend to run the metadata generation utility.See Also:
Sample Schema Filefor a sample ACME schema fileUpdate the Groovy file by specifying values for properties that store information about your target system schema and the mode in which you want to configure the connector.
Learn about the dateAttributeList, entitlementAttributeList, lookupAttributeList, and alias entries of the Groovy file. You use the information provided here while updating the Groovy file.
dateAttributeList
This entry holds the list of attributes that the connector must handle as date on the process form. Ensure that the data type of the attributes listed here is set to Long in the schema file.
The connector creates a date editor for each of the attributes specified in this entry.
If you want to the connector to handle single-valued or multivalued fields as date, then enter the value for this entry in the following format:
["FIELD_NAME"]
In this format, replace FIELD_NAME with the name of the single or multivalued field.
If you want to handle an embedded multivalued field as date, then enter the value in the following format:
["OBJ_CLASS.SUB_FIELD_NAME"]
In this format, replace:
OBJ_CLASS with the EmbeddedObjectClass name for the child form as specified in the schema file.
SUB_FIELD_NAME with the subfield name for the child form as specified in the schema file.
Default value: ["JoiningDate"]
You can modify the default value to meet the requirements in your environment.
The following is a sample value for handling embedded multivalued fields as date:
["MyRole.StartDate", "MyRole.EndDate"]
entitlementAttributeList
This entry must include the list attributes in the target system that must be tagged as entitlements.
The connector creates a lookup field for each of the attributes specified in this entry, assigns the lookup fields to a process form, and adds all the required properties of entitlements.
If you want to tag entitlements for multivalued fields, then enter the value in the following format:
["MULTIVALUED_FIELD_NAME"]
If you want to tag entitlements for a multivalued field that is embedded, then enter the value in the following format:
["OBJ_CLASS.SUB_FIELD_NAME"]
In this format, replace:
OBJ_CLASS with the EmbeddedObjectClass name for the child form as specified in the schema file.
SUB_FIELD_NAME with the subfield name for the child form as specified in the schema file.
Default value: [‘Roles.RoleName’]
In this value, Roles.RoleName
is a multivalued field that is embedded. In other words, Roles
is the EmbeddedObjectClass name for roles child form as specified in the schema file (that is, roles.EmbeddedObjectClass=Roles) and RoleName
is one of the subfields for the roles child form as specified in the schema file (that is roles.Subfileds=ROLENAME).
You can modify the default value to meet the requirements in your environment.
lookupAttributeList
This entry holds the list of attributes in your target system that the connector must be handle as lookup fields.
The connector creates a lookup field for each of the attributes specified in this entry and associates it with the corresponding lookup fields on the OIM User process form.
If you want to create a lookup field for a single-valued or multivalued field, then enter the value in the following format:
['FIELD_NAME']
In this format, replace FIELD_NAME with the name of the single or multivalued field.
If you want create a lookup field for a multivalued field that is embedded then, enter the value in the following format:
['OBJ_CLASS.SUB_FIELD_NAME']
In this format, replace:
OBJ_CLASS with the EmbeddedObjectClass name for the child form as specified in the schema file.
SUB_FIELD_NAME with the subfield name for the child form as specified in the schema file.
The default value of this entry is:
['Currency']
In this value, Currency
is a multivalued field.
You can modify the default value to meet the requirements in your environment.
For each attribute listed in the lookupAttributeList entry, the connector creates a lookup definition and scheduled job in the following format:
Lookup definition format:
Lookup.${IT_RES_NAME}.${FIELD_NAME}
This lookup definition holds the lookup values reconciled from the target system.
Scheduled job format:
IT_RES_NAME Target FIELD_NAME Lookup Reconciliation
This scheduled job is used to load or reconcile lookup values from your target system. See Scheduled Job for Lookup Field Synchronization for more information about the attributes of the scheduled job for lookup reconciliation.
In both the formats, the connector replaces:
IT_RES_NAME with the value of the itResourceDefName entry.
FIELD_NAME with the name of the field for which the lookup field is created.
alias
The metadata generator uses aliases to create relationships between the attributes in the target system and resource object field names in Oracle Identity Manager. In addition, the metadata generator uses aliases to shorten long database names to meet the character-length restrictions on form names and form field names in Oracle Identity Manager. Aliasing can be used on column name, form name, and form field name levels. Note that the target system attributes are represented as connector attributes.
Depending on the type of configuration, specify values for one of the following sections:
For trusted source configuration
In the trusted source configuration section, you use the alias entry to map connector attributes or target system attributes to the OIM User form field names. The mappings that you specify here are used to populate entries in the Recon Attribute map lookup definition for trusted source reconciliation.
Note that some of the OIM User form field names do not have the same display name internally. For such fields, you must ensure that you map the connector attribute or target system attribute to the internal name rather than the display name. The following table lists the names of the OIM User form display names and their corresponding internal names:
Display Name | Internal Name |
---|---|
Organization |
Organization Name |
Manager |
Manager Login |
|
|
The following is the default value of the alias entry:
['__NAME__':'User Login', 'LastName':'Last Name','Organization':'Organization Name', 'Employee Type':'Xellerate Type', 'Role':'Role']
In the default value, note that the "Organization" connector attribute has been mapped to "Organization Name", which is the internal name.
You cannot delete existing mappings in the default value. However, you can modify these mappings.
If you want to add mappings for fields other than the ones already present in the alias entry, then you can add them either to the existing values in the alias entry, or add them to the alias + entry.
The following is the default value of the alias + entry:
['__ENABLE__':'Status', 'FirstName':'First Name', 'email':'Email', 'JoiningDate':'Start Date']
The following is the format in which you must specify values for the alias and alias + entry:
['CONN_ATTR1': 'OIM_FIELD1', 'CONN_ATTR2': 'OIM_FIELD2', . . . 'CONN_ATTRn': 'OIM_FIELDn']
In this format:
CONN_ATTR is the connector attribute name.
OIM_FIELD is the name of the field on the OIM User form.
For target resource configuration
In the target resource configuration section, you use the alias entry for one or all of the following purposes:
To map connector attributes or target system attributes to fields of the process form. The mappings that you specify here are used to populate entries in the Recon Attribute map and Prov Attribute map lookup definitions that are used during target resource reconciliation.
To set an alias (a unique and shortened name) for the IT resource name specified in the itResourceName entry.
To specify a short name for a lengthy process form field name.
When the number of characters in a process form is more than 11, the metadata generator automatically truncates the process form name to 10 characters and then suffixes it with the digit 0. Subsequently, for every process form that results in the same name after truncating, the suffix is incremented by 1. The metadata generator prevents any two process forms from having the same name by using autonumbering. To gain control over the autogenerated form name and to have meaningful form names, you can use an alias to specify a shortened process form name.
This is illustrated by the following example:
Assume that the resource name is GENDB and contains child data that is represented as USER_ROLES in the schema.
When you run the metadata generator, the process form is created and the form name is UD_GENDB_USER_ROLES. As the number of characters in this process form name is more than 11, the metadata generator automatically truncates it to UD_GENDB_U0. The truncated form name, UD_GENDB_U0, is not meaningful.
To avoid encountering such issues or forms with autogenerated names, you can use the alias entry to specify short and meaningful process form names.
The following is the default value of the alias entry in the target resource configuration section:
['__UID__':'id', '__NAME__':'primaryEmail']
You cannot delete existing mappings in the default value as they are mandatory. However, you must modify the default value to match the values of the UidAttribute and NameAttribute qualifiers in the schema file. For example, in the schema file, if you have set the values of the UidAttribute and NameAttribute qualifiers to EmpId and UserName respectively, then you must set the value of the alias entry to the following:
['__UID__':'EmpId', '__NAME__':'UserName']
If you want to add mappings for fields other than the ones already present in the alias entry (in other words, optional aliases), then you can add them either to the existing values in the alias entry, or add them to the alias + entry.
The following is the default value of the alias + entry in the target resource section:
['USERROLERELATIONSHIP':'USRROL', 'comments':'Description', 'Family Name':'Last Name', 'Visibility':'Status']
The following is the format in which you must specify values for the alias and alias + entries:
['CONN_ATTR1': 'ALIAS_FIELD1', 'CONN_ATTR2': 'ALIAS_FIELD2', . . . 'CONN_ATTRn': 'ALIAS_FIELDn']
In this format:
CONN_ATTR is the connector attribute name.
ALIAS_FIELD is the alias corresponding to the connector attribute or target system attribute.