1.5 Connector Architecture

The Oracle NetSuite is implemented by using the Identity Connector Framework (ICF).

The ICF is a component that is required in order to use Identity Connector. ICF provides basic reconciliation and provisioning operations that are common to all Oracle Identity Governance connectors. In addition, ICF provides common features that developers would otherwise need to implement on their own, such as, buffering, time outs, and filtering. ICF is distributed together with Oracle Identity Governance. Therefore, you do not need to configure or modify ICF.

The following figure shows the architecture of the Oracle NetSuite.

Figure 1-1 Oracle NetSuite Connector Architecture

The connector is configured to run in one of the following modes:

Account management

Account management is also known as target resource management. In this mode, the target system is used as a target resource and the connector enables the following operations:

Provisioning

Provisioning involves creating, updating, or deleting users on the target system through Oracle Identity Governance. During provisioning, the Adapters invoke ICF operation, ICF in turn invokes create operation on the NetSuite Identity Connector Bundle and then the bundle calls the target system API (NetSuite API) for provisioning operations. The API on the target system accepts provisioning data from the bundle, carries out the required operation on the target system, and returns the response from the target system back to the bundle, which passes it to the adapters.

Target resource reconciliation

During reconciliation, a scheduled task invokes an ICF operation. ICF in turn invokes a search operation on the Oracle NetSuite Identity Connector Bundle and then the bundle calls NetSuite API for Reconciliation operation. The API extracts user records that match the reconciliation criteria and hands them over through the bundle and ICF back to the scheduled task, which brings the records to Oracle Identity Governance.

Each record fetched from the target system is compared with NetSuite resources that are already provisioned to OIM Users. If a match is found, then the update made to the NetSuite record from the target system is copied to the NetSuite resource in Oracle Identity Governance. If no match is found, then the Name of the record is compared with the User Login of each OIM User. If a match is found, then data in the target system record is used to provision a NetSuite resource to the OIM User.

The Oracle NetSuite Identity Connector Bundle communicates with the NetSuite API using the HTTPS protocol. The NetSuite API provides programmatic access to NetSuite through Suite-QL API and SOAP API endpoints. Apps can use the Suite-QL API and SOAP API to perform create, read, update, and delete (CRUD) operations on directory data and directory objects, such as users, roles, global permissions and groups.

See Also:

Understanding the Identity Connector Framework in Oracle Fusion Middleware Developing and Customizing Applications for Oracle Identity Governance for more information about ICF.