2 Creating an Application By Using the Database User Management Connector
Learn about onboarding applications using the connector and the prerequisites for doing so.
2.1 Process Flow for Creating an Application By Using the Connector
From Oracle Identity Governance release 12.2.1.3.0 onward, connector deployment is handled using the application onboarding capability of Identity Self Service.
Figure 2-1 is a flowchart depicting high-level steps for creating an application in Oracle Identity Governance by using the connector installation package.
Figure 2-1 Overall Flow of the Process for Creating an Application By Using the Connector
![Description of Figure 2-1 follows Description of Figure 2-1 follows](img/aob_highlevel_flow.png)
Description of "Figure 2-1 Overall Flow of the Process for Creating an Application By Using the Connector"
2.2 Prerequisites for Creating an Application Database User Management Connector
Learn about the tasks that you must complete before you create the application.
2.2.1 Downloading the Connector Installation Package
You can obtain the installation package for your connector on the Oracle Technology Network (OTN) website.
2.2.2 Creating a Target System User Account for Database User Management Connector Operations
Oracle Identity Governance requires a target system user account to access the target system during reconciliation and provisioning operations. Depending on the target system you are using, you can create the user in your target system and assign specific permissions and roles to the user.
You provide the credentials of this user account as part of Basic Configuration Parameters for Oracle Database or Basic Configuration Parameters for MySQL while creating an application.
See Also:
Target system documentation for detailed information about creating the user
-
For Oracle Database:
-
Create Login using the following query:
CREATE USER serviceuser IDENTIFIED BY password DEFAULT TABLESPACE users TEMPORARY TABLESPACE temp QUOTA UNLIMITED ON users;
-
Assign the following permissions and roles to the created user:
-
GRANT CONNECT TO serviceuser;
-
GRANT SELECT on dba_role_privs TO serviceuser;
-
GRANT SELECT on dba_sys_privs TO serviceuser;
-
GRANT SELECT on dba_ts_quotas TO serviceuser;
-
GRANT SELECT on dba_tablespaces TO serviceuser;
-
GRANT SELECT on dba_users TO serviceuser;
-
GRANT CREATE USER TO serviceuser;
-
GRANT ALTER ANY TABLE TO serviceuser;
-
GRANT GRANT ANY PRIVILEGE TO serviceuser;
-
GRANT GRANT ANY ROLE TO serviceuser;
-
GRANT DROP USER TO serviceuser;
-
GRANT SELECT on dba_roles TO serviceuser;
-
GRANT SELECT ON dba_profiles TO serviceuser;
-
GRANT ALTER USER TO serviceuser;
-
GRANT CREATE ANY TABLE TO serviceuser;
-
GRANT DROP ANY TABLE TO serviceuser;
-
GRANT CREATE ANY PROCEDURE TO serviceuser;
-
GRANT DROP ANY PROCEDURE TO serviceuser;
-
-
-
For MySQL:
-
Create a user using the following query:
CREATE USER serviceuser IDENTIFIED BY 'password';
-
Assign the following permissions and roles to the created user using the following query:
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, ALTER ON *.* TO 'serviceuser';
-
2.2.3 Copying Third-Party JAR Files
These are the drivers that the connector requires to establish a connection with the target system.
- If you are using Oracle database as the target system, then there is no need to copy any JAR files.
- If you are using MySQL as the target system, then copy the mysql-connector-java-5.1.20-bin.jar file to the /ConnectorDefaultDirectory/targetsystems-lib/DBUM-RELEASE_NUMBER. directory.
2.3 Creating an Application By Using the Connector
You can onboard an application into Oracle Identity Governance from the connector package by creating a Target application or Authoritative applictaion. To do so, you must log in to Identity Self Service and then choose the Applications box on the Manage tab.
Note:
For detailed information on each of the steps in this procedure, see Creating Applications of Oracle Fusion Middleware Performing Self Service Tasks with Oracle Identity Governance.
- Create an application in Identity Self Service. The high-level steps are as follows:
- Verify reconciliation and provisioning operations on the newly created application.
See Also:
-
Configuring the Database User Management Connector for Oracle Database or Configuring the Database User Management Connector for MySQL for details on basic configuration and advanced settings parameters, default user account attribute mappings, default correlation rules, and reconciliation jobs that are predefined for this connector
-
Configuring Oracle Identity Governance for details on creating a new form and associating it with your application, if you chose not to create the default form.