2 Creating an Application By Using the Database Application Tables Connector

Learn about onboarding applications using the connector and the prerequisites for doing so.

• Process Flow for Creating an Application By Using the Connector

• Prerequisites for Creating an Application By Using the Connector

• Creating a Target System User Account for Database Application Tables Connector Operations

2.1 Process Flow for Creating an Application By Using the Connector

From Oracle Identity Governance release 12.2.1.3.0 onward, connector deployment is handled using the application onboarding capability of Identity Self Service.

Figure 2-1 is a flowchart depicting high-level steps for creating an application in Oracle Identity Governance by using the connector installation package.

Figure 2-1 Overall Flow of the Process for Creating an Application By Using the Connector

Description of "Figure 2-1 Overall Flow of the Process for Creating an Application By Using the Connector"

2.2 Prerequisites for Creating an Application By Using the Connector

Learn about the tasks that you must complete before you create the application.

• Downloading the Connector Installation Package

• Creating a Target System User Account for Database Application Tables Connector Operations

2.2.1 Downloading the Connector Installation Package

You can obtain the installation package for your connector on the Oracle Technology Network (OTN) website.

To download the connector installation package:

1. Navigate to the OTN website at http://www.oracle.com/technetwork/middleware/id-mgmt/downloads/connectors-101674.html.
2. Click OTN License Agreement and read the license agreement.
3. Select the Accept License Agreement option.
   You must accept the license agreement before you can download the installation package.
4. Download and save the installation package to any directory on the computer hosting Oracle Identity Governance.
5. Extract the contents of the installation package to any directory on the computer hosting Oracle Identity Governance. This creates a directory named CONNECTOR_NAME-RELEASE_NUMBER.
6. Copy the CONNECTOR_NAME-RELEASE_NUMBER directory to the OIG_HOME/server/ConnectorDefaultDirectory directory.

2.2.2 Creating a Target System User Account for Database Application Tables Connector Operations

Oracle Identity Governance uses a target system user account to provision to and reconcile data from the target system.

For all target systems certified for this connector, the following are the minimum rights to be assigned to the target system user account:

• For reconciliation: The user account must have permissions to run SELECT statements on the tables that must be managed by this connector.
• For provisioning: The user account must have permissions to perform select, insert, update, and delete operations on the tables to be managed by this connector.
• If you are configuring the connector to use custom stored procedures to perform connector operations, then the user account must have execute permissions on the relevant stored procedures. See the target system documentation for the procedure to create a target system user account with the preceding permissions required for performing connector operations.

2.3 Creating an Application By Using the Connector

You can onboard an application into Oracle Identity Governance from the connector package by creating a Target application or Authoritative application. To do so, you must log in to Identity Self Service and then choose the Applications box on the Manage tab.

The following is the high-level procedure to create an application by using the connector:

Note:

For detailed information on each of the steps in this procedure, see Creating Applications of Oracle Fusion Middleware Performing Self Service Tasks with Oracle Identity Governance.

1. Create an application in Identity Self Service. The high-level steps are as follows:
   1. Log in to Identity Self Service either by using the System Administration account or an account with the ApplicationInstanceAdministrator admin role.
   2. Ensure that the Connector Package option is selected when creating an application.
   3. Update the basic configuration parameters to include connectivity-related information.
   4. If required, update the advanced setting parameters to update configuration entries related to connector operations.
   5. Add the attributes and provide the mappings:
      • If you are using Oracle Identity Governance 12c (12.2.1.3.0), then add the attributes and provide the mappings.
      • If you are using Oracle Identity Governance 12c (12.2.1.4.0), click Discover. All attributes are automatically fetched from the database and by default, the Provision field and the Reconciliation field are marked as true.
   6. Review the provisioning, reconciliation, organization, and catalog settings for your application and customize them if required. For example, you can customize the default correlation rules for your application if required.
   7. Review the details of the application and click Finish to submit the application details.

      The application is created in Oracle Identity Governance.

   8. When you are prompted whether you want to create a default request form, click Yes or No.

      If you click Yes, then the default form is automatically created and is attached with the newly created application. The default form is created with the same name as the application. The default form cannot be modified later. Therefore, if you want to customize it, click No to manually create a new form and attach it with your application.

2. Verify reconciliation and provisioning operations on the newly created application.

Note:

• For Application on Boarding: Export the HANA Database JDBC Driver, for example, ngdbc-2.4.64.jar to OIM_SEVER_CLASSPATH.
• For Connector Installation: To run the DBAT Generator, copy the HANA Database JDBC Driver, for example, ngdbc-2.4.64.jar to the dbat-generator-RELEASE_NUMBER/lib/ directory.

Note:

For Connector installation, under the Configuration section, update DBATConfiguration.groovy file with below parameters:

• JDBC driver class name

  Sample value for SAP HANA DB: 'jdbcDriver': 'com.sap.db.jdbc.Driver',

• JDBC URL template of the target database

  Sample value for SAP HANA DB: 'jdbc:sap://acmedb.com:30015',

Parameter	Type	Mandatory	Required for JDBC Driver Configuration?	Required for DataSource Configuration?	Default Value	Description
sapHanaDb	Boolean	Yes	No	No	NA	This property suggests sapHanaDb parameter support, if using for sapHanaDb only. Sample value: True

For more information on connector installation, see Installing the Connector of Oracle Identity Manager Connector Guide for Database Application Tables.