I have configured a SCIM 2.0 connector in IdentityIQ. This works fine and I can aggregate accounts and provision a new account.
It only works with the ‘base’ schema - urn:ietf:params:scim:schemas:core:2.0:User
How do I add in the extended schema - urn:ietf:params:scim:schemas:extension:enterprise:2.0:User - so I can get the manager value or the department?
I can see in Postman this appears as follows
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
"division": "Home",
"department": "Houston",
"manager": {
"value": "fb1c1177-9564-45ce-91ca-8ee61ed481b6",
"$ref": "/api/v2/scim/v2/users/fb1c1177-9564-45ce-91ca-8ee61ed481b6"
}
}
I have looked in the Connectors Config Guide (PDF) but I cant work it out.
Maybe I need to use SchemaPropertyMapping urn=“urn:ietf:params:scim:schemas:extension:enterprise:2.0:User” in a SCIM 2.0 application? Not sure how to do this though to add it to account.
I see this in IIQ log - so not retrieving any Extended Schema attributes
openconnector.connector.scim2.SCIM2Connector:138 - Entering mapObjectTypeToSCIMResource()
openconnector.connector.scim2.SCIM2Connector:150 - Exiting mapObjectTypeToSCIMResource = User
openconnector.connector.scim2.SCIM2Connector:138 - Entering getResourceTypeExtendedSchemaList(resourceType = User)
openconnector.connector.scim2.SCIM2Connector:138 - Entering getSCIMContext(reloadContext = false)
openconnector.connector.scim2.SCIM2Connector:150 - Exiting getSCIMContext = openconnector.connector.scim2.SCIM2Context@729a807a
openconnector.connector.scim2.SCIM2Connector:150 - Exiting getResourceTypeExtendedSchemaList = []
Appreciate any assistance
2 Likes
Hey @jasonrossme ,
Thanks for posting in the Developer Community forum! Let me reach out to the connector folks on the IIQ team and gather some feedback for you.
1 Like
Quick question: Did we perform discover schema, if yes, then is manager added to said schema?
1 Like
Hi Michael,
In the IIQ log with trace enabled, I can see Exiting getSchemaMap = { … urn:ietf:params:scim:schemas:extension:enterprise:2.0:User=sailpoint.scim.common.Schema@78cb1faa} but dont see any other mention of the enterprise schema or any of these attributes (eg Manager or Division)
I tried many different ways to update the application.xml, but none seem to work.
eg.
<entry key="schemaPropertyMappings">
<value>
<List>
<SchemaPropertyMapping urn="urn:ietf:params:scim:schemas:extension:enterprise:2.0:User">
<AttributePropertyMapping getter="openconnector.connector.scim2.SCIM2ExtendedPropertyGetter" name="division" property="division" setter="openconnector.connector.scim2.SCIM2ExtendedPropertySetter"/>
<AttributePropertyMapping getter="openconnector.connector.scim2.SCIM2PropertyGetter" name="department" property="department" setter="openconnector.connector.scim2.SCIM2PropertySetter"/>
<AttributePropertyMapping getter="openconnector.connector.scim2.SCIM2ExtendedComplexPropertyGetter" name="manager" property="manager" setter="openconnector.connector.scim2.SCIM2ExtendedPropertySetter">
<AttributePropertyMapping name="value" property="value"/>
</AttributePropertyMapping>
</SchemaPropertyMapping>
<SchemaPropertyMapping urn="urn:ietf:params:scim:schemas:core:2.0:User">
<AttributePropertyMapping getter="openconnector.connector.scim2.SCIM2PropertyGetter" name="userName" property="userName" setter="openconnector.connector.scim2.SCIM2PropertySetter"/>
<AttributePropertyMapping getter="openconnector.connector.scim2.SCIM2PropertyGetter" name="displayName" property="displayName" setter="openconnector.connector.scim2.SCIM2PropertySetter"/>
<AttributePropertyMapping getter="openconnector.connector.scim2.SCIM2PropertyGetter" name="title" property="title" setter="openconnector.connector.scim2.SCIM2PropertySetter"/>
Any insight or assistance is very much appreciated, thank you
baonc
September 26, 2022, 9:03am
5
Hi Jason, have you resolved this issue? now I am also facing this issue when trying to get attribute from Enterprise Extension schema.
kirankri
March 14, 2023, 5:36am
6
Hi Jason/ Bao, Even we are facing the same issue. Please let know if you guys found the solution.