3.2 Advanced Settings Parameters

These are the configuration-related entries that the connector uses during reconciliation and provisioning operations.

Note:

  • Unless specified, do not modify entries in the below table.

  • All parameters in the below table are mandatory.

Table 3-2 Advanced Settings Parameters

   
Bundle Name

This entry holds the name of the connector bundle.

Default value: 

org.identityconnectors.genericrest
Bundle Version

This entry holds the version of the connector bundle.

Default value: 12.3.0

Connector Name

This entry holds the name of the connector class.

Default value: 

org.identityconnectors.genericrest.GenericRESTConnector
relURIs

This entry holds the relative URL of every object class supported by this connector and the connector operations that can be performed on these object classes. This is a mandatory attribute while creating an application.

Default value: 
"__ACCOUNT__.CREATEOP=/$(api_version)$/users","__ACCOUNT__.UPDATEOP=/$(api_version)$/users/$(__UID__)$","__ACCOUNT__.DELETEOP=/$(api_version)$/users/$(__UID__)$?action=delete","__ACCOUNT__.__PASSWORD__.UPDATEOP=/$(api_version)$/users/$(__UID__)$/password","__ACCOUNT__.SEARCHOP=/$(api_version)$/users?$(Filter Suffix)$&page_size=$(PAGE_SIZE)$&next_page_token=$(PAGE_TOKEN)$","__GROUP__.SEARCHOP=/$(api_version)$/groups","__ACCOUNT__.group_ids.SEARCHOP=/$(api_version)$/users/$(__UID__)$","__ACCOUNT__.group_ids.UPDATEOP=/$(api_version)$/groups/$(group_ids)$/members","__ACCOUNT__.group_ids.DELETEOP=/$(api_version)$/groups/$(group_ids)$/members/$(__UID__)$","__ROLE__.SEARCHOP=/$(api_version)$/roles","__ACCOUNT__.role_id.UPDATEOP=/$(api_version)$/roles/$(role_id)$/members","__ACCOUNT__.role_id.DELETEOP=/$(api_version)$/roles/$(role_id)$/members/$(__UID__)$","__ACCOUNT__.__ENABLE__.UPDATEOP=/$(api_version)$/users/$(__UID__)$/status","__ACCOUNT__.__NAME__.UPDATEOP=/$(api_version)$/users/$(__UID__)$/email"
nameAttributes

This entry holds the name attribute for all the objects that are handled by this connector.

For example, for the __ACCOUNT__ object class that it used for User accounts, the name attribute is userPrincipalName.

Default value

"__ACCOUNT__.email","__GROUP__.name","__ROLE__.name"
uidAttributes

This entry holds the uid attribute for all the objects that are handled by this connector.

For example, for User accounts, the uid attribute is objectId.

In other words, the value __ACCOUNT__objectId in decode implies that the __UID__attribute (that is, GUID) of the connector for _ACCOUNT__object class is mapped to objectId which is the corresponding uid attribute for user accounts in the target system.

Default value:

"__ACCOUNT__.id","__GROUP__.id","__ROLE__.id"
opTypes

This entry specifies the HTTP operation type for each object class supported by the connector. Values are comma separated and are in the following format: OBJ_CLASS.OP=HTTP_OP

In this format, OBJ_CLASS is the connector object class, OP is the connector operation (for example, CreateOp, UpdateOp, SearchOp), and HTTP_OP is the HTTP operation (GET, PUT, or POST).

Default value: 

"__ACCOUNT__.CREATEOP=POST","__ACCOUNT__.UPDATEOP=PATCH","__ACCOUNT__.SEARCHOP=GET","__ACCOUNT__.TESTOP=GET","__ACCOUNT__.group_ids.UPDATEOP=POST","__ACCOUNT__.role_id.UPDATEOP=POST","__ACCOUNT__.__PASSWORD__.UPDATEOP=PUT","__ACCOUNT__.__ENABLE__.UPDATEOP=PUT","__ACCOUNT__.__NAME__.UPDATEOP=PUT"
pageSize

The number of resources/users that appears on a page for a search operation.

Default value:

30
pageTokenAttribute

The attribute in response payload that denotes the next page token.

Default value: 

next_page_token
jsonResourcesTag

This entry holds the json tag value that is used during reconciliation for parsing multiple entries in a single payload.

Default value: 

"__ACCOUNT__=users","__GROUP__=groups","__ROLE__=roles"
httpHeaderContentType

This entry holds the content type expected by the target system in the header.

Default value: 

application/json
httpHeaderAccept

This entry holds the accept type expected from the target system in the header.

Default value: 

application/json
provisionDisableValue

This value is used to deactivate the user by provisioning.

Default value: 

deactivate
provisionEnableValue

This value is used to activate the user by provisioning.

Default value: 
activate
statusDisableValue

This value is used to deactivate the user during reconciliation.

Default value: 
inactive
statusEnableValue

This value is used to activate the user during reconciliation.

Default value: 
active
specialAttributeTargetFormat

This entry lists the format in which an attribute is present in the target system endpoint.

For example, the alias attribute will be present as aliases.alias in the target system endpoint. Values are comma separated and are presented in the following format: OBJ_CLASS.ATTR_NAME= TARGET_FORMAT

Default value: 
"__ACCOUNT__.group_ids=group_ids","__ACCOUNT__.role_id=value"
specialAttributeHandling

This entry lists the special attributes whose values should be sent to the target system one by one ("SINGLE"). Values are comma separated and are in the following format:

OBJ_CLASS.ATTR_NAME.PROV_OP=SINGLE

For example, the __ACCOUNT__.manager.UPDATEOP=SINGLE value in decode implies that during an update provisioning operation, the manager attribute of the __ACCOUNT__ object class must be sent to the target system one-by-one.

Default value: 
"__ACCOUNT__.group_ids.CREATEOP=SINGLE","__ACCOUNT__.group_ids.UPDATEOP=SINGLE","__ACCOUNT__.role_id.CREATEOP=SINGLE","__ACCOUNT__.role_id.UPDATEOP=SINGLE"
customPayload

This entry lists the payloads for all operations that are not in the standard format.

Default value: 
"__ACCOUNT__.CREATEOP={\"action\": \"$(createType)$\",\"user_info\": { \"email\": \"$(__NAME__)$\",\"type\": \"$(type)$\",\"first_name\": \"$(first_name)$\",\"last_name\": \"$(last_name)$\",\"password\": \"$(__PASSWORD__)$\"}}","__ACCOUNT__.group_ids.UPDATEOP={\"members\": [{ \"id\": \"$(__UID__)$\"}]}","__ACCOUNT__.role_id.UPDATEOP={\"members\": [{\"id\": \"$(__UID__)$\"}]}","__ACCOUNT__.__ENABLE__.UPDATEOP={\"action\": \"$(__ENABLE__)$\"}","__ACCOUNT__.__NAME__.UPDATEOP={\"email\": \"$(__NAME__)$\"}"
statusAttributes

This entry lists the name of the target system attribute that holds the status of an account. For example, for the __ACCOUNT__ object class that it used for User accounts, the status attribute is “status”.

Default value: 
"__ACCOUNT__.status"
passwordAttribute

This entry holds the name of the target system attribute that is mapped to the __PASSWORD__ attribute of the connector in OIM.

Default value: 
password
childFieldsWithSingleEndpoint

This entry specifiesspecial attributes data coming in from a single end point response

Default value:
"__GROUP__","__ROLE__"