Database Table Connector how to not update mandatory fields in database

Sergio_Moreira · September 26, 2024, 6:04pm

Hello, community.

I’m learning ForgeRock IDM, currently focused on the 7.5.0 version.

I’m developing a Database Table Connector to integrate with a PostgreSQL database.

The complete scenario is:

Mapping from the HR connector to the LDAP directory
Return attributes created by IDM during the mapping to the HR, specially the userName and workforce e-mail.

The first part part was developed. However, during the mapping of the LDAP Directory to HR application it won’t be necessary to update all required fields in the table schema. Actually, the ideal scenario would be to send only the non-required fields in the database (the userName and workforce e-mail, since they are both going to be generated by the IDM). But, it states that is mandatory to send all the required attributes in this table of the database and whenever the reconciliation begins since not all required attributes are mapped it fails because of missing values.

Is there a way to not have to update all fields in the table, but only the ones it is necessary for this use case?

Thank you.

grpensa · September 26, 2024, 10:06pm

Will visiting the database connector and adjusting the user schema not satisfy your needs?

Sergio_Moreira · September 27, 2024, 5:18pm

@grpensa , sorry, I did not understand. Adjust the database schema?

Thank you for your collaboration.

mwtech · September 27, 2024, 9:00pm

Hi @Sergio_Moreira

This wouldn’t necessarily be a database schema adjustment, it would be a change to the provisioner file for the connector, which in this case I believe would be in the conf directory and named provisioner.openicf-qrhuddbusers.json (apologies if that isn’t accurate, it’s been a while since I used a generated database connector).
Within the provisioner file you will see a definition of objectTypes, one of which will be the __ACCOUNT__ object type. That object will have a number of properties defined with their own property definitions which will indicate (among other things) if the property is required or not (via the required boolean property). If the provisioner file has those fields defined as required, that will be reflected in the UI as well as enforced by the connector.

The provisioner file was potentially generated by the REST API or admin UI, and if that is the case it likely marked those fields as required due to the actual database schema marking those fields as not null or some equivalent thereof. If that is the case, the underlying database may need to be evaluated to determine if some changes are needed for those fields.

Please take a look at the provisioner file itself and let us know if modifying that required property addresses your needs.