Click HERE to see how Saviynt Intelligence is transforming the industry.
|
Click HERE to see how Saviynt Intelligence is transforming the industry.
|
on - edited on by
Rishi
Disclaimer
The integration was either created by Saviynt or by Saviynt community users. The integration is available “as is” and falls under standard connectors support for REST, SOAP, JDBC, LDAP, PowerShell, Jar, and Saviynt Connector Framework.
Note: Contributor - Sai Srungaram, Vedanth B.K
This guide describes the integration between Saviynt Enterprise Identity Cloud (EIC) and Freshteam.
This guide is intended for administrators and target system integration teams responsible for integrating and importing users from Freshteams.
Freshteam is the smart HR software for growing businesses. With Freshteam, you can attract, hire and onboard new hires, offboard exiting employees, manage employee information, and time off - all in one place. The REST connector enables you to create an integration with Freshteam for importing users to Saviynt EIC as HR Identity source.
For more information about different connectors in EIC, see Saviynt Enterprise Identity Cloud Connectors.
Note: This guide provides information about using the Freshteam (REST-based) connector for performing operations listed in the Supported Features.
The Freshteam integration supports the following features:
Software | Version |
EIC | Release v4.5 and later |
You must create an integration between EIC and the collaboration platform hosted by the target application to perform import tasks. The following components are involved in the integration:
· Freshteam is the trusted application that is integrated into the EIC through the connector to import the users.
· Connector is a software component that enables the communication between EIC and the target application. It provides a simplified integration mechanism where in some instances you only need to create a connection with minimal connectivity information for your target application. The REST connector is used for importing users through the REST APIs. For more information about creating a connection, see Creating a Connection.
· Job Scheduler is a software component that executes a job based on the configured schedule to perform import operations from EIC. For more information about the jobs used by the connector in the Freshteam integration,.
EIC uses a REST connection for integrating with Freshteam for importing users. The REST connection uses the REST protocol to communicate with the REST interface of Freshteam.
The following diagram illustrates the connector architecture and communication with the target application.
Figure: Freshteam Integration Architecture
An Access token is used in the configuration parameters of the REST connector for importing data.
Perform the following steps to generate an access token for the Freshteam application:
Login to your Freshteam account(admin).
In the Profile drop-down list, select API Key.
3. The token appears in a pop-up window. Copy the access token. You will use this token while creating a REST connection in the ConnectionJSON parameter.
Connection refers to the configuration setup for connecting EIC to target applications. For more information about the procedure to create a connection, see Creating a Connection.
While creating a connection, you must specify connection parameters that the connector uses to connect with the target application, define the type of operations to perform, the target application objects against which those operations are performed, and the frequency of performing them. In addition, you can view and edit attribute mappings between EIC and the target application.
The connector uses the following parameters for creating a connection and for importing users from the target application:
Parameter | Description | Example Configuration | Mandatory? |
Connection Name | Specify the name to identify the connection. | - | Yes |
Connection Description | Specify the description for the connection. | - | No |
Connection Type | Select the connection type as REST. | - | Yes |
Default SAV Role | Specify this parameter to assign the SAV role for the connection. The SAV role is a role in EIC that assigns specific access to users. This parameter is valid only for importing users. Sample value: User assigned with the ROLE_ADMIN role, has access to all the sections of EIC. | - | No |
Email Template | Specify this parameter to select an email template for sending notifications. Email templates provide immediate trigger of emails to a user based on actions performed. Email informs user about the action performed and if critical, needs immediate action from the user. | - | No |
ConnectionJSON | Specify this parameter to create a connection.
| Use the following format to connect to the Freshteam application: { "authentications": { "userAuth": { "authType": "oauth2", "url": "@@HOST_URL@@", "authError": [ "InvalidAuthenticationToken", "invalid_token", "Invalid access token" ], "httpMethod": "POST", "httpContentType": "application/x-www-form-urlencoded", "errorPath": "error.code", "maxRefreshTryCount": 5, "tokenResponsePath": "access_token", "tokenType": "Bearer", "accessToken": "@@API_KEY", "retryFailureStatusCode": [ 401, 403 ] } } } | Yes |
Parameter | Description | Recommended Configuration | Mandatory? |
UserImport JSON | Specify this parameter to import the users. | Use the following format to import users using the Freshteam application: { "connection": "userAuth", "url": "@@HOST_URL@@/api/employees", "httpMethod": "GET", "httpHeaders": { "contentType": "application/json", "Authorization": "${access_token}" }, "colsToPropsMap": { "username": "employee_id~#~char", "statuskey": "status~#~char", "lastname": "last_name~#~char", "firstname": "first_name~#~char", "middlename": "middle_name~#~char", "customproperty2": "official_email~#~char", "secondaryemail": "personal_email~#~char", "employeeid": "employee_id~#~char", "employeetype": "employee_type~#~char", "title": "designation~#~char", "startdate": "joining_date~#~char", "enddate": "termination_date~#~char", "departmentnumber": "department_id~#~char", "city": "address.city~#~char", "customproperty1": "id~#~char" }, "userResponsePath": "", "pagination": { "nextUrl": { "nextUrlPath": "${headers?.toString().contains('link')?headers?.link?.replace('<', '')?.replace('>; rel=\"next\"','')?.trim():null}" } } } |
Yes |
Parameter | Description
| Recommended Configuration | Support for Binding Variables? | Support for Java Ternary Operations? |
UpdateUserJSON | Specify this parameter to Update a user in the target application.
| Use the following format to Update a User using the Freshteam application: { "actions": { "Update Login": { "call": [ { "name": "Update Login", "connection": "userAuth", "url": "@@HOST_URL@@/api/employees/${user.customproperty1}", "httpMethod": "PUT", "httpParams": "{\"official_email\":\"${user.email}\"}", "httpHeaders": { "Authorization": "${access_token}", "Accept": "application/json" }, "httpContentType": "application/json", "successResponses": { "statusCode": 200 } } ] } } } NOTE: To update the back user to the HR source, please create a security System and Endpoint and respective Update rule Policies for Freshteam and run the provisioning Job without any filter in place. | The bindings supported are:
| Yes |
The connection package helps you build the connection with pre-defined JSONs, this can be used if your tenant does not already have out-of-the-box connection templates available. Here are the steps to import the Freshteam connection package.
Navigate to Admin → Transport → select Import Package.
Browse the downloaded package and Import.
Navigate to Admin → Connections → Select “Freshteam” Connection.
Edit the connection with your Freshteam tenant details.
You can use the Freshteam integration for performing user import after configuring it to meet your requirements.
To configure import, map all Freshteam attributes to EIC user attributes using UserImport JSON.
Full User import: When configuring the connection for the first time, first perform full import to import all existing Users from the target application to EIC. To perform full import, the invoke API gets response from the target application and maps the attributes in the target application with attributes in EIC.
The import jobs are automatically created in EIC after you create a connection for the Freshteam integration.
To import users:
Specify the connection and import parameters. For more information, see Configuration Parameters for User Import.
Note: Ensure that the connection type is selected as REST.
Configure the User Import via a Connection (UserImportJob) to import users. For more information about creating jobs, see Data Jobs.
Provisioning is automatically enabled when a connection is configured. For detailed information about performing provisioning tasks, see Access Request System.
To provision objects to the target application:
Specify the connection and provisioning parameters.
Note: Ensure that the connection type is selected as REST.
Configure the Provisioning job (WSRETRY). For more information, see Provisioning Jobs.
When a provisioning job is triggered, it creates provisioning tasks in EIC. When these tasks are completed, the provisioning action is performed on the target application through the connector.
To troubleshoot common problems with connectors, answer frequently asked questions, and provide solutions to a few common issues you might encounter while configuring or working with connectors, see Common Troubleshooting Guide for Connectors.
To troubleshoot common problems or obtain answers to frequently asked questions for REST connectors, see the REST Connector Guide.
Note: Ensure that you record the token expiry duration during the initial token generation. The connection may fail if the token is not refreshed.
