1. Configuring SAP Ariba Connector
  2. Introduction to the Connector
  3. Connector Architecture

1.5 Connector Architecture

The SAP Ariba is implemented by using the Identity Connector Framework (ICF).

The ICF is a component that is required to use Identity Connector. ICF provides basic reconciliation and provisioning operations that are common to all Oracle Identity Governance connectors. In addition, ICF provides common features that developers would otherwise need to implement on their own, such as, buffering, time outs, and filtering. ICF is distributed together with Oracle Identity Governance. Therefore, you do not need to configure or modify ICF.

The following figure shows the architecture of the SAP Ariba.

The connector is configured to run in one of the following modes:

Figure 1-1 SAP Ariba Connector Architecture

The figure shows the architecture of the SAP Ariba Connector.
  • Account management

    Account management is also known as target resource management. In this mode, the target system is used as a target resource and the connector enables the following operations:

    • Provisioning

      Provisioning involves creating and updating users on the target system through Oracle Identity Governance. During provisioning, the Adapters invoke ICF operation, ICF in turn invokes create operation on the SAP Ariba Identity Connector Bundle and then the bundle calls the target system API (SAP Ariba SOAP API) for provisioning operations. The SOAP API on the target system accepts provisioning data from the bundle, carries out the required operation on the target system, and returns the response from the target system back to the bundle, which passes it to the adapters.

    • Target resource reconciliation

      During reconciliation, a scheduled task invokes an ICF operation. ICF in turn invokes a search operation on the SAP Ariba Identity Connector Bundle and then the bundle calls SAP Ariba REST API for Reconciliation operation. The REST API extracts user records that match the reconciliation criteria and hands them over through the bundle and ICF back to the scheduled task, which brings the records to Oracle Identity Governance.

      Each record fetched from the target system is compared with SAP Ariba resources that are already provisioned to OIG Users. If a match is found, then the update made to the SAP Ariba record in OIG from the target system. If no match is found, then the Name of the record is compared with the User Login of each OIG User, if a match is found, then data in the target system record is used to provision an SAP Ariba resource to the OIG User.

The SAP Ariba Identity Connector Bundle communicates with the SAP Ariba SOAP and REST API using the HTTPS protocol. The SAP Ariba API provides programmatic access to SAP Ariba through SOAP and REST API endpoints. Application can use the SOAP and REST API to perform create, read, and update operations for users, assigning and removal of groups.

See Also:

Understanding the Identity Connector Framework in Oracle Fusion Middleware Developing and Customizing Applications for Oracle Identity Governance for more information about ICF.