Description | Non Employee Risk Management (NERM) Users Connector | |
Legal Agreement | By using this CoLab item, you are agreeing to SailPoint’s Terms of Service for our developer community and open-source CoLab. | |
Repository Link | https://github.com/sailpoint-oss/colab-saas-conn-nerm-users | |
New to SaaS connectors in the CoLab? | Read the getting started guide for SaaS Connectors in the CoLab. | |
Supported by | Community Developed |
Overview
This connector is used to aggregate NERM user accounts and roles. It is not a connection to NERM as an authoritative source.
Requirements
Configuring
When configuring a new source using this connector, the following parameters must be provided:
- NERM Base URL - This is the base URL of the NERM API (i.e. https://<customer>.seczetta.com/api)
- Authentication Token - The API Key that was generated in NERM
https://documentation.sailpoint.com/ne-admin/help/setup/api.html - (optional) Number of records to fetch at a time - If not specified, a default limit of 100 is used. Some APIs allow for a maximum of 500 but this value should not exceed 100.
https://developer.sailpoint.com/nerm/api/pagination-metadata-filtering
Additional Steps
- In the account schema, the attribute type of the “roles” attribute must be changed to
role
. This is because the connector specification only allows for primitive types by default. Only after this correction is made can you perform an entitlement aggregation and subsequent account aggregation.
Notes
- The
manager_id
attribute is the ID of the user’s manager’s account in NERM - The API allows for multiple user-manager relationships but this connector only supports one
- The
login
attribute is unique across all accounts in NERM and should not be included in attribute sync