1. Configuring the Salesforce Application
  2. Configuring the Salesforce Connector
  3. Advanced Settings Parameters

3.2 Advanced Settings Parameters

These are the configuration-related entries that the connector uses during reconciliation and provisioning operations.

Note:

Unless specified, the parameters in the table are applicable to both target and authoritative applications.

Table 3-2 Advanced Settings Parameters for a Salesforce Target and Authoritative Application

Parameter Mandatory Description

Any Incremental Recon Attribute Type

 No

Default value: True

Bundle Name

No

This entry holds the name of the connector bundle package.

Default Value:org.identityconnectors.genericrest

Do not modify this entry.

Bundle Version

No

 This entry holds the version of the connector bundle package.

Default Value: 12.3.0

Do not modify this entry.

Connector Name

No

This entry holds the name of the connector class.

Default Value: org.identityconnectors.genericrest.GenericRESTConnector

customPayload

No

This entry holds the payloads for all operations that are not in the standard format.

Default Value: "__ACCOUNT__.__GROUP__.UPDATEOP={\"UserOrGroupId\": \"$(__UID__)$\",\"GroupId\": \"$(GroupId)$\"}","__ACCOUNT__.__TERRITORY__.UPDATEOP={\"UserId\": \"$(__UID__)$\",\"Territory2Id\": \"$(Territory2Id)$\"}","__ACCOUNT__.__PERMISSIONSET__.UPDATEOP={\"AssigneeId\": \"$(__UID__)$\",\"PermissionSetId\": \"$(PermissionSetId)$\"}"

jsonResourcesTag

No

 This entry holds the name of the JSON tag that holds user details in the response payload.

Default Value: "__ACCOUNT__=records","__PROFILE__=records","__GROUPLKP__=records","__ROLE__=records","__TERRITORYLKP__=records","__PERMISSIONSETLKP__=records","__ACCOUNT__.__MEMBERSHIP__.__GROUP__=records","__ACCOUNT__.__MEMBERSHIP__.__TERRITORY__=records","__ACCOUNT__.__MEMBERSHIP__.__PERMISSIONSET__=records"
pageSize No

This entry holds the value of the number of records that can be retrieved from the target system in one go.

Default Value: 200
httpHeaderContentType No

This entry holds The content type of request body

Default value: application/json
httpHeaderAccept No

This entry holds the accept request-header field can be used to specify certain media types which are acceptable for the response

Default Value: application/json

nameAttributes

Yes

This is the __NAME__ attribute mapping of Oracle Identity Governance to the relevant attribute on target system.

Default Value: "__ACCOUNT__.Username","__GROUP__.Name","__TERRITORY__.Name","__PERMISSIONSET__.Label","__PROFILE__.Name","__ROLE__.Name","__GROUPLKP__.Name","__TERRITORYLKP__.Name","__PERMISSIONSETLKP__.Label"

opTypes

 No

This entry holds Target supported HTTP operations for each attribute in each object class, it will take default value if this detail is not given.

Default value: "__ACCOUNT__.CREATEOP=POST","__ACCOUNT__.UPDATEOP=PATCH","__ACCOUNT__.__PASSWORD__.UPDATEOP=POST","__ACCOUNT__.SEARCHOP=GET","__ACCOUNT__.TESTOP=GET","__ACCOUNT__.__GROUP__.UPDATEOP=POST","__ACCOUNT__.__TERRITORY__.ADDATTRIBUTE=POST","__ACCOUNT__.__PERMISSIONSET__.ADDATTRIBUTE=POST"

passwordAttributes

No

 This entry holds the name of the target system attribute that is mapped to the __PASSWORD__ attribute of the connector in OIG.

Default Value: NewPassword
relURIs Yes

This entry holds the list of relative URI’s

Default value:"__ACCOUNT__.CREATEOP=/services/data/v50.0/sobjects/User","__ACCOUNT__.UPDATEOP=/services/data/v50.0/sobjects/User/$(__UID__)$","__ACCOUNT__.__PASSWORD__.UPDATEOP=/services/data/v50.0/sobjects/User/$(__UID__)$/password","__ACCOUNT__.SEARCHOP=/services/data/v50.0/query/?q=SELECT+UserName,id,LastName,FirstName,Email,ProfileId,Alias,TimeZoneSidKey,LocaleSidKey,EmailEncodingKey,LanguageLocaleKey,UserRoleId,ManagerId,IsActive,Fax,Phone,MobilePhone+from+User+$(Filter Suffix)$+LIMIT+$(PAGE_SIZE)$+OFFSET+$(PAGE_OFFSET)$","__GROUPLKP__.SEARCHOP=/services/data/v50.0/query/?q=SELECT+Name,id+from+Group+Where+Type+=+'Regular'+OR+Type+=+'Queue'+LIMIT+$(PAGE_SIZE)$+OFFSET+$(PAGE_OFFSET)$","__TERRITORYLKP__.SEARCHOP=/services/data/v50.0/query/?q=SELECT+Id,Name+from+Territory2+LIMIT+$(PAGE_SIZE)$+OFFSET+$(PAGE_OFFSET)$","__PERMISSIONSETLKP__.SEARCHOP=/services/data/v50.0/query/?q=SELECT+Id,label+from+PermissionSet+Where+PermissionSet.Profile.Name+=+null+LIMIT+$(PAGE_SIZE)$+OFFSET+$(PAGE_OFFSET)$","__ACCOUNT__.__GROUP__.SEARCHOP=/services/data/v50.0/query/?q=SELECT+GroupId+From+GroupMember+Where+UserOrGroupId+=+'$(__UID__)$'","__ACCOUNT__.__PERMISSIONSET__.SEARCHOP=/services/data/v50.0/query/?q=SELECT+PermissionSetId+FROM+PermissionSetAssignment+Where+Assignee.Id+=+'$(__UID__)$'+AND+PermissionSet.Profile.Name+=+null","__ACCOUNT__.__TERRITORY__.SEARCHOP=/services/data/v50.0/query/?q=SELECT+Territory2Id+from+UserTerritory2Association+Where+UserId+=+'$(__UID__)$'","__PROFILE__.SEARCHOP=/services/data/v50.0/query/?q=SELECT+Id,Name+from+Profile+LIMIT+$(PAGE_SIZE)$+OFFSET+$(PAGE_OFFSET)$","__ACCOUNT__.__GROUP__=/services/data/v36.0/sobjects/GroupMember","__ACCOUNT__.__MEMBERSHIP__.__GROUP__.SEARCHOP=/services/data/v50.0/query/?q=SELECT+Id+from+GroupMember+WHERE+GroupId+=+'$(__GROUP__.Id)$'+AND+UserOrGroupId+=+'$(__UID__)$'","__ACCOUNT__.__GROUP__.DELETEOP=/services/data/v50.0/sobjects/GroupMember/$(__MEMBERSHIP__.Id)$","__ACCOUNT__.__TERRITORY__=/services/data/v50.0/sobjects/UserTerritory2Association","__ACCOUNT__.__MEMBERSHIP__.__TERRITORY__.SEARCHOP=/services/data/v50.0/query/?q=SELECT+Id+from+UserTerritory2Association+WHERE+Territory2Id+=+'$(__TERRITORY__.Id)$'+AND+UserId+=+'$(__UID__)$'","__ACCOUNT__.__TERRITORY__.DELETEOP=/services/data/v50.0/sobjects/UserTerritory2Association/$(__MEMBERSHIP__.Id)$","__ACCOUNT__.__PERMISSIONSET__=/services/data/v36.0/sobjects/PermissionSetAssignment","__ACCOUNT__.__MEMBERSHIP__.__PERMISSIONSET__.SEARCHOP=/services/data/v50.0/query/?q=SELECT+Id+from+PermissionSetAssignment+WHERE+PermissionSetId+=+'$(__PERMISSIONSET__.Id)$'+AND+Assignee.Id+=+'$(__UID__)$'","__ACCOUNT__.__PERMISSIONSET__.DELETEOP=/services/data/v50.0/sobjects/PermissionSetAssignment/$(__MEMBERSHIP__.Id)$","__ROLE__.SEARCHOP=/services/data/v50.0/query/?q=SELECT+Id,Name+from+UserRole"

specialAttributeHandling No

This entry holds Value that will represent how to send values of the corresponding special attribute to the target, Ex: SINGLE, if no value is given it means it will consider default, i.e it will send all values to the target

Default value: "__ACCOUNT__.__GROUP__.CREATEOP=SINGLE","__ACCOUNT__.__GROUP__.UPDATEOP=SINGLE","__ACCOUNT__.__PERMISSIONSET__.ADDATTRIBUTE=SINGLE","__ACCOUNT__.__PERMISSIONSET__.REMOVEATTRIBUTE=SINGLE","__ACCOUNT__.__TERRITORY__.ADDATTRIBUTE=SINGLE","__ACCOUNT__.__TERRITORY__.REMOVEATTRIBUTE=SINGLE"
specialAttributeTargetFormat No

This entry holds format of special attribute in target

Default Value:

"__ACCOUNT__.__GROUP__=records","__ACCOUNT__.__TERRITORY__=records","__ACCOUNT__.__PERMISSIONSET__=records"

statusAttributes

No

 This is the __ENABLE__ attribute mapping of Oracle Identity Governance to the Status attribute on target system.

Default Value: "__ACCOUNT__.IsActive"

uidAttributes

Yes

This is the __UID__ attribute mapping of Oracle Identity Governance to the GUID attribute on target system.

Default Value: "__ACCOUNT__.Id","__GROUP__.GroupId","__TERRITORY__.Territory2Id","__PERMISSIONSET__.PermissionSetId","__PROFILE__.Id","__ROLE__.Id","__GROUPLKP__.Id","__TERRITORYLKP__.Id","__PERMISSIONSETLKP__.Id","__PROFILE__.Id"