Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

Map ExtensionProperty attribute - Azure AD connector

sushmita
Regular Contributor
Regular Contributor

I'm trying to pull in 'employeeId' from Azure AD via the connector. The attribute is embedded in the 'ExtensionProperty' attribute in Azure:

ExtensionProperty : {[odata.metadata,
https://graph.windows.net/$metadata#directoryObjects/@Element],
[odata.type, Microsoft.DirectoryServices.User], [createdDateTime, 4/24/2018 6:52:23 AM], [employeeId,
12345]...}

The regular mapping "customproperty4": "employeeId" doesn't work because the connector is unable to detect the employeeID field.

How can I extract it using the connector?

3 REPLIES 3

avinashchhetri
Saviynt Employee
Saviynt Employee

@sushmita,

There was a similar question asked in the forum before, please see if this helps.

https://forums.saviynt.com/t5/identity-governance/need-information-how-to-import-azure-active-direct...

 

 

Regards,
Avinash Chhetri

Hi Avinash,

I looked through the solution & had 2 questions:

- I'll need the employeeId attribute for provisioning. Keeping this in mind, does it make sense to use the graph API? 

- can I import extended attributes using the REST connector the same way as other attributes like below?

colsToPropsMap": {
          "customproperty1": "employee_number~#~char",
          "CUSTOMPROPERTY2": "last_name~#~char",
          "customproperty3": "name~#~char",
          "CUSTOMPROPERTY4": "first_name~#~char",
          "CUSTOMPROPERTY5": "department~#~char",
          "CUSTOMPROPERTY6": "location~#~char",
          "CUSTOMPROPERTY7": "email~#~char",
          "CUSTOMPROPERTY8": "manager~#~char",
          "CUSTOMPROPERTY9": "country~#~char",
          "CUSTOMPROPERTY10": "phone~#~char",
          "CUSTOMPROPERTY11": "title~#~char",
          "name": "user_name~#~char",
          "status": "active~#~char",
          "accountID": "sys_id~#~char"
        },

  

@sushmita,

Did you try out the reference solution ? Were you able to pull in the employeeID by modifying the AzureAD Connector ?

Provisioning does use a REST Connector, so you "should" be able to populate the employeeID values.

I have not used the REST Connector for AzureAD for reconciliation operations so I am not sure on the complexity and the effort involved.

 

 

Regards,
Avinash Chhetri