3.2 Advanced Settings Parameters
These are the configuration-related entries that the connector uses during reconciliation and provisioning operations.
Note:
- Unless specified, do not modify entries in the below table.
- All parameters in the table below are mandatory.
Table 3-2 Advanced Settings Parameters
| Parameter | Mandatory? | Description |
|---|---|---|
| Connector Name | Yes |
This entry holds the name of the connector class. Default value: org.identityconnectors.genericrest.GenericRESTConnector |
| Bundle Name | Yes |
This entry holds the name of the connector bundle. Default value: org.identityconnectors.genericrest |
| Bundle Version | Yes |
This entry holds the version of the connector bundle. Default value: 12.3.0 |
| nameAttributes |
Yes
|
This entry holds the namehelpText="Target attribute for all the objects that are handled by this connector. For example, __NAME__ for the __ACCOUNT__each object class that it used for User accounts, the name attribute is user_name." Default value: "GroupID.groupName","__ACCOUNT__.userName","RoleId.RoleName","LobId.lobName","__DOMAIN__.SadDomainName","__USERTYPE__.UserTypeName","UserDualAuthFactType.DualFactorType","__USERSERVICE__.ServiceTypeName","__ONETIMEUSERSERVICE__.ServiceTypeName","__TIMEBASEDUSERSERVICE__.ServiceTypeName","__ACCESSTYPE__.AccessTypeName" |
| uidAttributes | Yes |
This entry holds the uidhelpText="Target attribute for all the objects that are handled by this connector. For example, __UID__ for each object class. Default value: "GroupID.id","__DOMAIN__.SadDomainName","LobId.id","RoleId.RoleId","__ACCOUNT__.id","UserDualAuthFactType.id","__USERTYPE__.UserTypeId","__USERSERVICE__.ServiceId","__ONETIMEUSERSERVICE__.ServiceId","__TIMEBASEDUSERSERVICE__.ServiceId","__ACCESSTYPE__.AccessTypeId" |
| relURIs | Yes |
This entry holds the relative URL of every object class supported by this connector and the connector operations that can be performed on these object classes. Default value: "LobId.SEARCHOP=/$(api_version)$/Lobs","__ACCOUNT__.LobId.ADDATTRIBUTE=/$(api_version)$/Lobs","__ACCOUNT__.LobId.REMOVEATTRIBUTE=/$(api_version)$/Lobs","__ACCOUNT__.SEARCHOP=/$(api_version)$/Users$(Filter Suffix)$?LobId=All Lobs&PageNumber=$(PAGE_INCREMENT)$&PageSize=$(PAGE_SIZE)$","__ACCOUNT__.TESTOP=/$(api_version)$/UserType","__ACCOUNT__.CREATEOP=/$(api_version)$/Users","__ACCOUNT__.UPDATEOP=/$(api_version)$/Users/$(__UID__)$","__ACCOUNT__.DELETEOP=/$(api_version)$/Users/$(__UID__)$","GroupID.SEARCHOP=/$(api_version)$/Groups?LobId=All Lobs&IsFullRecords=1","__ACCOUNT__.GroupID.ADDATTRIBUTE=/$(api_version)$/Groups","__ACCOUNT__.GroupID.REMOVEATTRIBUTE=/$(api_version)$/Groups","__USERSERVICE__.SEARCHOP=/$(api_version)$/Services?LobId=All Lobs&IsFullRecords=1","__ACCOUNT__.__USERSERVICE__.ADDATTRIBUTE=/$(api_version)$/Services","__ACCOUNT__.__USERSERVICE__.REMOVEATTRIBUTE=/$(api_version)$/Services","__ACCOUNT__.__ONETIMEUSERSERVICE__.ADDATTRIBUTE=/$(api_version)$/Services","__ACCOUNT__.__TIMEBASEDUSERSERVICE__.ADDATTRIBUTE=/$(api_version)$/Services","RoleId.SEARCHOP=/$(api_version)$/Role?LobId=All Lobs","__ACCOUNT__.RoleId.ADDATTRIBUTE=/$(api_version)$/Role","__ACCOUNT__.RoleId.REMOVEATTRIBUTE=/$(api_version)$/Role","__DOMAIN__.SEARCHOP=/$(api_version)$/Domain","__USERTYPE__.SEARCHOP=/$(api_version)$/UserType","UserDualAuthFactType.SEARCHOP=/$(api_version)$/DualAuth","__ACCOUNT__.ENABLEOP=/$(api_version)$/Users/$(__UID__)$","__ACCOUNT__.DISABLEOP=/$(api_version)$/Users/$(__UID__)$","__ACCOUNT__.__PASSWORD__.UPDATEOP=/$(api_version)$/Users/$(__UID__)$","__ACCOUNT__.UserDualAuthFactType.ADDATTRIBUTE=/$(api_version)$/DualAuth","__ACCOUNT__.UserDualAuthFactType.REMOVEATTRIBUTE=/$(api_version)$/DualAuth","__ACCESSTYPE__.SEARCHOP=/$(api_version)$/Services/GetAccessTypes" |
| opTypes | No |
This entry specifies the HTTP operation type for each object class supported by the connector. Values are comma separated and are in the following format: OBJ_CLASS.OP=HTTP_OP In this format, OBJ_CLASS is the connector object class, OP is the connector operation (for example, CreateOp, UpdateOp, SearchOp), and HTTP_OP is the HTTP operation (GET, PUT, or POST). Default value: "LobId.SEARCHOP=GET","__ACCOUNT__.LobId.ADDATTRIBUTE=PATCH","__ACCOUNT__.LobId.REMOVEATTRIBUTE=PATCH","__ACCOUNT__.SEARCHOP=GET","__ACCOUNT__.CREATEOP=POST","__ACCOUNT__.UPDATEOP=PUT","__ACCOUNT__.DELETEOP=DELETE","GroupID.SEARCHOP=GET","__ACCOUNT__.GroupID.ADDATTRIBUTE=PATCH","__ACCOUNT__.GroupID.REMOVEATTRIBUTE=PATCH","__ACCOUNT__.__USERSERVICE__.SEARCHOP=GET","__ACCOUNT__.__USERSERVICE__.ADDATTRIBUTE=PATCH","__ACCOUNT__.__USERSERVICE__.REMOVEATTRIBUTE=PATCH","__ACCOUNT__.__ONETIMEUSERSERVICE__.ADDATTRIBUTE=PATCH","__ACCOUNT__.__TIMEBASEDUSERSERVICE__.ADDATTRIBUTE=PATCH","RoleId.SEARCHOP=GET","__ACCOUNT__.RoleId.ADDATTRIBUTE=PATCH","__ACCOUNT__.RoleId.REMOVEATTRIBUTE=PATCH","__DOMAIN__.SEARCHOP=GET","__USERTYPE__.SEARCHOP=GET","UserDualAuthFactType.SEARCHOP=GET","__ACCOUNT__.TESTOP=GET","__ACCOUNT__.ENABLEOP=PUT","__ACCOUNT__.DISABLEOP=PUT","__ACCOUNT__.__PASSWORD__.UPDATEOP=PUT","__ACCOUNT__.UserDualAuthFactType.ADDATTRIBUTE=PATCH","__ACCOUNT__.UserDualAuthFactType.REMOVEATTRIBUTE=PATCH" |
| pageSize | No |
The number of users that appears on a page for a search operation. Default value:100 |
| statusEnableValue | No |
This value is used to activate the user during reconciliation. Default value:1 |
| statusDisableValue | No |
This value is used to deactivate the user during reconciliation. Default value:0 |
| jsonResourcesTag | No |
This entry holds the json tag value that is used during reconciliation for parsing multiple entries in a single payload. Default value: "GroupID=Result","__DOMAIN__=Result","LobId=Result","__ACCOUNT__=Result","RoleId=Result","UserDualAuthFactType=Result","__USERTYPE__=Result","__ACCESSTYPE__=Result","__USERSERVICE__=Result","__ONETIMEUSERSERVICE__=Result","__TIMEBASEDUSERSERVICE__=Result" |
| httpHeaderContentType | No |
This entry holds the content type expected by the target system in the header. Default value: application/json |
| httpHeaderAccept | No |
This entry holds the accept type expected from the target system in the header. Default value: application/json |
|
specialAttributeHandling
|
No |
This entry lists the format in which an attribute is present in the target system endpoint. Values are comma separated and are presented in the following format: OBJ_CLASS.ATTR_NAME= TARGET_FORMAT. Default value: "__ACCOUNT__.GroupID.ADDATTRIBUTE=SINGLE","__ACCOUNT__.GroupID.REMOVEATTRIBUTE=SINGLE","__ACCOUNT__.RoleId.ADDATTRIBUTE=SINGLE","__ACCOUNT__.RoleId.REMOVEATTRIBUTE=SINGLE","__ACCOUNT__.LobId.ADDATTRIBUTE=SINGLE","__ACCOUNT__.LobId.REMOVEATTRIBUTE=SINGLE","__ACCOUNT__.__USERSERVICE__.ADDATTRIBUTE=SINGLE","__ACCOUNT__.__USERSERVICE__.REMOVEATTRIBUTE=SINGLE","__ACCOUNT__.UserDualAuthFactType.ADDATTRIBUTE=SINGLE","__ACCOUNT__.UserDualAuthFactType.REMOVEATTRIBUTE=SINGLE","__ACCOUNT__.__ONETIMEUSERSERVICE__.ADDATTRIBUTE=SINGLE","__ACCOUNT__.__TIMEBASEDUSERSERVICE__.ADDATTRIBUTE=SINGLE" |
| customPayload | No |
This entry lists the payloads for all operations that are not in the standard format. Default value: "__ACCOUNT__.ENABLEOP={\"ValidTillDate\":\"12/31/2058 12:00:00 AM\",\"IsActive\":1}","__ACCOUNT__.DISABLEOP={\"ValidTillDate\":\"12/31/2022 12:00:00 AM\",\"IsActive\":1}","__ACCOUNT__.__PASSWORD__.UPDATEOP={\"password\":\"$(__PASSWORD__)$\"}","__ACCOUNT__.GroupID.ADDATTRIBUTE={\"op\":\"add\",\"GroupID\":$(id)$,\"LobId\":\"All Lobs\",\"value\":[{\"UserId\":$(__UID__)$}]}","__ACCOUNT__.GroupID.REMOVEATTRIBUTE={\"op\":\"remove\",\"GroupID\":$(id)$,\"LobId\":\"All Lobs\",\"value\":[{\"UserId\":$(__UID__)$}]}","__ACCOUNT__.RoleId.ADDATTRIBUTE={\"op\":\"add\",\"UserId\":$(__UID__)$,\"RoleId\":[$(RoleId)$]}","__ACCOUNT__.RoleId.REMOVEATTRIBUTE={\"op\":\"remove\",\"UserId\":$(__UID__)$,\"RoleId\":[$(RoleId)$]}","__ACCOUNT__.CREATEOP={\"userName\":\"$(__NAME__)$\",\"displayName\":\"$(displayName)$\",\"ValidTillDate\":\"$(ValidTillDate)$\",\"IsActive\":1,\"emails\":{\"value\":\"$(emails.value)$\"},\"phoneNumbers\":{\"value\":\"$(phoneNumbers.value)$\"},\"GroupID\":[],\"domainName\":\"$(domainName)$\",\"LobId\":\"$(LobPrimary)$\",\"userTypeId\":$(userTypeId)$,\"password\":\"$(__PASSWORD__)$\",\"RoleId\":[4]}","__ACCOUNT__.LobId.ADDATTRIBUTE={\"op\":\"add\",\"UserID\":$(__UID__)$,\"LobId\":[$(LobId)$]}","__ACCOUNT__.LobId.REMOVEATTRIBUTE={\"op\":\"remove\",\"UserID\":$(__UID__)$,\"LobId\":[$(LobId)$]}","__ACCOUNT__.UserDualAuthFactType.ADDATTRIBUTE={\"op\": \"add\",\"UserId\": $(__UID__)$,\"DualFactorTypeId\": [$(id)$]}","__ACCOUNT__.UserDualAuthFactType.REMOVEATTRIBUTE={\"op\": \"remove\",\"UserId\": $(__UID__)$,\"DualFactorTypeId\": [$(id)$]}","__ACCOUNT__.__USERSERVICE__.ADDATTRIBUTE={\"op\":\"add\",\"UserID\":$(__UID__)$,\"LobId\":\"All Lobs\",\"value\":[{\"ServiceId\": $(ServiceId)$}]}","__ACCOUNT__.__USERSERVICE__.REMOVEATTRIBUTE={\"op\":\"remove\",\"UserID\":$(__UID__)$,\"LobId\":\"All Lobs\",\"value\":[{\"ServiceId\": $(ServiceId)$}]}","__ACCOUNT__.__ONETIMEUSERSERVICE__.ADDATTRIBUTE={\"op\":\"add\",\"UserID\":$(__UID__)$,\"LobId\":\"All Lobs\", \"AccessType\":\"$(AccessTypeId)$\",\"StartDateTime\":\"$(StartDateTime)$\",\"EndDateTime\":\"$(EndDateTime)$\",\"value\":[{\"ServiceId\":$(ServiceId)$}]}","__ACCOUNT__.__TIMEBASEDUSERSERVICE__.ADDATTRIBUTE={\"op\":\"add\",\"UserID\":$(__UID__)$,\"LobId\":\"All Lobs\",\"AccessType\":\"$(AccessTypeId)$\",\"StartDate\":\"$(StartDate)$\",\"EndDate\":\"$(EndDate)$\",\"StartTime\":\"$(StartTime)$\",\"EndTime\":\"$(EndTime)$\",\"hours\":\"$(hours)$\",\"minutes\":\"$(minutes)$\",\"value\":[{\"ServiceId\":$(ServiceId)$}]}" Note: ValidTillDate can be provided as per the customer requirement for ENABLEOP and DISABLEOP URLs in the custom payload |
| statusAttributes | No |
This entry lists the name of the target system attribute that holds the status of an account. For example, for the
Default value: __ACCOUNT__.IsActive |
| passwordAttribute | No |
This entry holds the name of the target system attribute that is mapped to the __PASSWORD__ attribute of the connector in OIM. Default value: password |
| targetObjectIdentifier | No |
This entry specifies the key-value pair for replacing place holders in the relURIs. Values are comma separated and in the KEY;VALUE format. Default value: "__ACCOUNT__.__USERSERVICE__=AccessTypeId;1","__ACCOUNT__.__ONETIMEUSERSERVICE__=AccessTypeId;2","__ACCOUNT__.__TIMEBASEDUSERSERVICE__=AccessTypeId;3" |
| attrNameIdentifier | No |
This entry specifies the variable to identify the services information in the json response Default value: "__USERSERVICE__=UserServicesId","__ONETIMEUSERSERVICE__=UserServicesId","__TIMEBASEDUSERSERVICE__=UserServicesId" |