Database Table Connector how to not update mandatory fields in database

Hello, community.

I’m learning ForgeRock IDM, currently focused on the 7.5.0 version.

I’m developing a Database Table Connector to integrate with a PostgreSQL database.

The complete scenario is:

  1. Mapping from the HR connector to the LDAP directory
  2. Return attributes created by IDM during the mapping to the HR, specially the userName and workforce e-mail.

The first part part was developed. However, during the mapping of the LDAP Directory to HR application it won’t be necessary to update all required fields in the table schema. Actually, the ideal scenario would be to send only the non-required fields in the database (the userName and workforce e-mail, since they are both going to be generated by the IDM). But, it states that is mandatory to send all the required attributes in this table of the database and whenever the reconciliation begins since not all required attributes are mapped it fails because of missing values.

Is there a way to not have to update all fields in the table, but only the ones it is necessary for this use case?

Thank you.

Will visiting the database connector and adjusting the user schema not satisfy your needs?

@grpensa , sorry, I did not understand. Adjust the database schema?

Thank you for your collaboration.

Hi @Sergio_Moreira

This wouldn’t necessarily be a database schema adjustment, it would be a change to the provisioner file for the connector, which in this case I believe would be in the conf directory and named provisioner.openicf-qrhuddbusers.json (apologies if that isn’t accurate, it’s been a while since I used a generated database connector).
Within the provisioner file you will see a definition of objectTypes, one of which will be the __ACCOUNT__ object type. That object will have a number of properties defined with their own property definitions which will indicate (among other things) if the property is required or not (via the required boolean property). If the provisioner file has those fields defined as required, that will be reflected in the UI as well as enforced by the connector.

The provisioner file was potentially generated by the REST API or admin UI, and if that is the case it likely marked those fields as required due to the actual database schema marking those fields as not null or some equivalent thereof. If that is the case, the underlying database may need to be evaluated to determine if some changes are needed for those fields.

Please take a look at the provisioner file itself and let us know if modifying that required property addresses your needs.

2 Likes

Thanks for clarifying my approach for Sergio, @mwtech .

Correct, I typically commence an overall solution from the adapter side. Then in turn address identity objects then, attribute mapping.

@Sergio_Moreira , If you have not looked at openicf configuration, start here: Configure connectors :: ICF 1.5.20.23

1 Like