LogoLogo
3.1.7
3.1.7
  • Getting Started
    • What is Cymmetri?
    • Release Notes
      • 3.0.1-Beta
      • 3.0.2-Beta
      • 3.0.3-Beta
      • 3.0.4-Beta
      • 3.0.5-Beta
      • 3.0.6-Beta
      • 3.0.7-Beta
      • 3.0.8-Beta
      • 3.0.9-Beta
      • 3.0.10-Beta
      • 3.0.11-Beta
      • 3.0.12-Beta
      • 3.1.0 - Product Release
      • 3.1.1-Beta
      • 3.1.2 - Product Release
      • 3.1.3-Beta
      • 3.1.4-Beta
      • 3.1.5-Beta
      • 3.1.6 -Beta
      • 3.1.7 - Product Release
      • 3.1.8 -Beta
      • 3.1.9-Beta
      • 3.1.10-Beta
      • 3.1.11-Beta
      • 3.1.12-Beta
      • 3.1.13-Beta
      • 3.1.15 -Beta
      • 3.1.16
      • 3.1.17
      • 3.1.18
      • 3.1.15 - Product Release
      • 3.0.x Consolidated
      • 3.1.x Consolidated
    • Starting your Cymmetri Trial
    • Admin Dashboard
    • Accessing Cymmetri
    • Supported Web Browsers
    • Cymmetri Error Codes
    • Help
    • Personalization
      • General Config
      • Admins
      • Masters in Cymmetri
      • Personalize Notification Templates
      • Tenant Branding
      • Custom Attributes
      • API Client
      • Batch Tasks
      • API Extension
    • Global Search
  • Identity Hub
    • Managing Users and Groups
      • User Management
      • User Detail
      • Create Users
      • Edit Users
      • Create Groups
      • Importing Users
      • Assigning Users to Groups
      • Delegation
        • Setting up Delegation
        • Delegating Work to Delegatee
        • Accepting Delegation
      • Suspended Users
      • Archived Users
      • All Users Session
    • Authentication
      • Identity Provider
        • Internal IDP
          • Introduction
          • Internal Identity Provider Configuration: Cymmetri
          • Internal Identity Provider Configuration: Active Directory
          • Internal Identity Provider Configuration: LDAP
        • External IDP
          • Introduction
          • External Identity Provider Configuration - Google IDP
          • External Identity Provider Configuration - Azure IDP
          • External Identity Provider Configuration - Salesforce IDP
      • Service Provider
      • Authentication Rules
      • Password Policy
      • Global Auth Policy
      • Adaptive
    • Attribute Setting
    • Password Filter
    • Logs
      • Audit Log
      • Import History
      • Scheduler History
  • Lifecycle Management
    • Application Management
      • Support for Application Management
      • Getting Started
        • Introduction to Application Management
        • Adding Applications to be managed by Cymmetri
        • Assigning Applications to End Users
        • Application Detail
        • Dynamic Forms
        • Configuring Connector Server
        • 360 Degree Recon
      • Provisioning How to
        • Cymmetri Connector List
        • Supported Provisioning Operations
        • Azure Provisioning
        • Active Directory (AD) Provisioning
        • Google Workspace Provisioning
        • LDAP Provisioning
        • Powershell Provisioning
        • REST Connector Provisioning
        • SCIM v2.0 Provisioning with Basic Authentication
        • SCIM 2.0 with Bearer Authentication
        • SCIM 2.0 with Fixed Bearer
        • Github Provisioning
        • ServiceNow Provisioning
        • AMAYA
        • HRMS
          • Darwin Box
        • Database Provisioning
        • CSV Directory (Flat-file)
        • Managing Manual Application Assignments
        • SOAP Connector (XML)
        • Integration with Service Desk Management Systems
      • Reconciliation How to
        • Configuring Reconciliation Process
      • Rules
        • Provisioning
        • Deprovisioning
    • Workflow Management
      • Workflow Configuration
      • Workflow Rules
      • Pending Workflows
      • Workflows List
    • Teams Config
    • Configuring Webhooks
    • On Demand Access
    • Form Logic
  • Single Sign On
    • Introduction
    • SSO Configuration
      • SAML 2.0 Based SSO
      • API Based SSO
      • OpenID Connect Based SSO
    • Multifactor Authentication(MFA)
      • Introduction
      • Cymmetri Authenticator
      • Push Authenticator
      • Google Authenticator
      • SMS Authenticator
      • Secret Questions
      • FIDO Authenticator
      • Admin MFA Setting
    • Passwordless
      • Introduction
      • TOTP Based
      • OTP Based
      • Consent Based
      • FIDO Based
  • My Workspace
    • Getting Started
      • Introduction
      • First Time User Registration
      • End User Login Process
      • Forgot Password & Unlock Account
      • User Settings
    • How to use the My Workspace
      • Dashboard
      • My Access
      • Inbox
      • Team
      • On Behalf
  • Privileged Access Management
    • PAM Administration
      • Introduction to Privilege Access Management (PAM)
      • How to Access PAM in Cymmetri
      • Sub-Sections of PAM
      • Steps to configure PAM Server
      • Adding a device/ server in PAM
      • Vault User
      • Vaulting Configuration
      • Break Glass Configuration
      • PAM Reports and PAM History
      • Dormancy Disable Config
    • PAM Usage
      • Assign a server to a user
      • Access the server
  • Governance
    • Compliance Management
      • IGA Policy Violations
    • Insights
      • Reports
      • Risk
      • Management Dashboards
        • CISO Dashboard
        • CRO Dashboard
      • Industry Compliance
    • Access Certification
      • Setting up and managing Access Reviews
    • Recommendation Engine
    • Role Management
      • Role Mining
      • Entitlements
      • Managing Roles in Cymmetri
    • Segregation Of Duties (SOD)
  • Self-Service App
  • Analytics
    • Cymmetri Analytics
Powered by GitBook

Cymmetri.com

On this page

Was this helpful?

Export as PDF
  1. Lifecycle Management
  2. Application Management
  3. Provisioning How to

SOAP Connector (XML)

Was this helpful?

Inside User Configuration, add the Base Addresses of the target system SOAP APIs and add the Create, Update, and Delete Groovy Scripts. These scripts will perform the related CRUD operations at the target system using SOAP.

It is an example where the Create Script will be added. Similarly, add the other Scripts under the User Configuration

Add Relevant Connector Server, Port, and other details under the server configuration tab.

a. Set up Policy Attributes.

Go to the Policy Attributes on the left side menu. Add the user attributes that need to be involved in the CRUD Operations as named in the target system.

b. Set up Policy Map

This corresponds to the mapping of the fields in the target system with Cymmetri Fields

Step 1: Add and configure a new Custom Web Services Application

a. Go to Applications > Add New > Change Application Label > Click on Add Application.

This will add the application to be provisioned.

b. Set up Application Provisioning

Once the application is added, open the application and click on the provisioning

To add a mapping, click on the add Cymmetri field and add the field details.

Application Field - Field name of the target application

Cymmetri Field- Field name in the Cymmetri.

Check Is USER Principal option for the uniqueness of that particular field as per the target system,

Check Create Only and Update Only if the CREATE/UPDATE operation is required for that field.

Click on Save.

Now the application is ready for provisioning.

Step 2: Add/Update/Delete Application to the User.

Go to the user to whom the application needs to be assigned. Click on the add new button. Now select the newly created application for provisioning and click on assign.

Configure the Application Access Details and click on Save

Now User is Assigned to the target application.

Along with the Cymmetri adding the target application and its details to its database, the target application too will save the user details of the cymmetri.

Sending the details to the target application is done using a rest connector whose configuration is done under the provisioning section in step 1. This rest connector has groovy scripts for CRUD Operations.

The create groovy script is used to create the user in the target application. This create script prepares the required payload by referring to the policy attributes and policy mapping and calls the target system’s CREATE API. The target application returns a UID which is used for future purposes like update and delete.

We can edit the user details from the user profile. Along with updating the details into Cymmetri this will call the Update Groovy Script present in the User Configuration and perform the update operation in the target application for the user.

Delete a User is deprovisioning the user from the application. This is done using the delete option. This calls the delete groovy script to remove the user from the target application thus deprovisioning it. Once deleted the user is removed from the target system.

Step 3: Reconciliation/Syncing(PULL) user data into Cymmetri from the Target System.

The synchronization code is written inside the sync Groovy script. Sync Script fetches the user data from the target system and passes it to the Cymmetri, which further processes it according to the reconciliation condition specified.

Reconciliation is started by creating a reconciliation object under the tab mentioned below.

Click on ADD New to create a new Reconciliation PULL object. Add the cymmetri(Sync Field) and Target field (Source Attributes) mapping against which the sync action will be performed.

Now specify the pull conditions as per the requirement and click on save. A new recon object is created.

Click on the edit option on the recon object to run the reconciliation.

Clicking on Run Now will trigger the reconciliation PULL Process.

Reconciliation history can be checked under the history tab.

Assumptions and Observations

· The Target Application considered is any SOAP API and the groovy scripts are created to call these soap APIS.

· CRUD and Sync Groovy Scripts added in this Word document remain the same except for a few changes.

a. The request body of the target system to be sent will change. It will be in the form of a String XML.

b. The Sending/Receiving Response of the SOAP web services will remain the same.

c. Once the XML response is received from the SOAP API, this response has to be parsed into JSON by reading the child nodes of the XML.

d. After a user is created into the target system using the create groovy script, the user ID received in the xml response has to be parsed and saved. This UID is used later for update/delete operations.

e. Sync records received from target soap API has to be parsed and collected into an array and passed to the Cymmetri.