and more in a single search tool across platforms. Read the announcement here. |
02/08/2024 01:57 AM - edited 02/12/2024 09:24 PM
Disclaimer
The integration was created by Saviynt community users.. The integration is available “as is” and falls under standard connectors support for REST, SOAP, JDBC, LDAP, PowerShell, Jar, and Saviynt Connector Framework.
This guide describes the integration between Saviynt Enterprise Identity Cloud (EIC) and VectorFlow.
This guide is intended for administrators and target application integration teams responsible for implementing a secure integration service with VectorFlow.
VectorFlow(VF) is the Physical Workforce Identity Management Suite automates many aspects of the visitor and employee identity lifecycle through a single interface that provides them with the best and most secure identity management experience.
This enables the business in the following areas:
The aim is to better management access control issue throughout bp and improve physical security/access to bp properties.
Business wants to integrate Vectorflow with Saviynt for automated user creation/management in Vectorflow.
The VectorFlow connector enables you to seamlessly integrate with VectorFlow to manage the user lifecycle and govern access to their accounts and workspaces.
For more information about different connectors in EIC, see Connectors Documentation.
The VectorFlow integration supports the following features:
You must create an integration between EIC and the collaboration platform hosted by the target application to perform import, provisioning, and de-provisioning tasks. The following components are involved in the integration:
EIC uses a REST connection for integrating with VectorFlow for importing data and for performing provisioning and de-provisioning tasks.
The following diagram illustrates the integration architecture and communication with the target application.
VectorFlow Account Attribute | Saviynt Account Attribute |
id | accountID |
username | name |
name.firstname | displayName |
name.firstname | customproperty1 |
name.lastname | customproperty2 |
status | customproperty3 |
status | status |
username | customproperty4 |
id | customproperty5 |
corporateid | customproperty6 |
location.site | customproperty7 |
email.primary | customproperty8 |
email.secondary | customproperty9 |
type | customproperty10 |
userdefined.text1 | customproperty11 |
userdefined.text2 | customproperty12 |
userdefined.text3 | customproperty13 |
userdefined.text4 | customproperty14 |
userdefined.text5 | customproperty15 |
userdefined.text6 | customproperty16 |
userdefined.text7 | customproperty17 |
userdefined.text8 | customproperty18 |
companyname | customproperty19 |
companycode | customproperty20 |
hiringcompanyname | customproperty21 |
managerusername | customproperty22 |
address.country | customproperty23 |
address.city | customproperty24 |
dates.start | customproperty25 |
dates.end | customproperty26 |
job.title | customproperty27 |
phone.work | customproperty28 |
phone.mobile | customproperty29 |
Connection refers to the configuration setup for connecting EIC to target applications. For more information about the procedure to create a connection, see Creating Connections.
While creating a connection, you must specify connection parameters that the connector uses to connect with the target application, define the type of operations to perform, the target application objects against which those operations are performed, and the frequency of performing them. In addition, you can view and edit attribute mappings between EIC and the target application, predefined correlation rules, and provisioning jobs and import jobs.
The Connection Package helps you build the connection with pre-defined JSONs, this can be used if your tenant does not already have out of the box connection templates available. Here are the steps to import the VectorFlow connection package.
The connection JSON cannot be embedded in the Connection Package. Hence attaching the Connection JSON separately
The OAUTH 2.0 Token is retrieved using two calls here.
{ "authentications": { "acctAuth": { "authType": "oauth2", "url": "https://<URL>/api/v2/authen", "httpMethod": "POST", "httpParams": "{\"username\":\"<scim-api-user>\",\"apikey\":\"${refresh_token}\"}", "httpHeaders": { "Content-Type": "application/json" }, "httpContentType": "application/json", "authError": [ "API Key Not Registered", "User is Not Authorized" ], "retryFailureStatusCode": [ 401, 403, 500, 403, 502 ], "errorPath": "message", "maxRefreshTryCount": 5, "tokenResponsePath": "sessionId", "refreshType": "RefreshToken", "tokenType": "Bearer", "accessToken": "Bearer abcd", "refreshToken": "abcd", "refreshTokenAuthError": [ "API Key Not Registered", "ApiKey can Not be Blank" ], "refreshTokenErrorPath": "message", "refreshTokenCall": { "refreshTokenResponsePath": "apiKey", "url": "https://<URL>/api/v2/register", "httpMethod": "POST", "httpParams": "{\"username\":\"<scim-api-user>\",\"password\":\"<password>\"}", "httpHeaders": { "Content-Type": "application/json" }, "httpContentType": "application/json" } } } } |
The security system represents the connection between EIC and the target application. For more information on creating a security system, see Creating a Security System.
Endpoint refers to the target application used to provision accounts and entitlements (access). For more information on creating an endpoint, see Creating Endpoints..
You can use the VectorFlow integration for performing import and provisioning operations after configuring it to meet your requirements.
You must apply the following guidelines for configuring import:
The import jobs are automatically created in EIC after you create a connection for the VectorFlow integration. For more information about creating jobs, see Data Jobs.
You must import accounts after the users are available in EIC.
To import accounts:
Provisioning is automatically enabled when a connection is configured. For detailed information about performing provisioning tasks, see Access Request System.
To provision objects to the target application:
When a provisioning job is triggered, it creates provisioning tasks in EIC. When these tasks are completed, the provisioning action is performed on the target application through the connector.
To troubleshoot common problems with connectors, answer frequently asked questions, and provide solutions to a few common issues you might encounter while configuring or working with connectors, see Common Troubleshooting Guide for Connectors.
To troubleshoot common problems or obtain answers for frequently asked questions for REST connectors, see the REST Connector Guide.