MidPoint Provisioning Plugin
The MidPoint Provisioning Plugin provisions users to Evolveum midPoint using the midPoint REST API. (experimental)
This plugin is new with COmanage version 3.3.0 and is considered experimental.
Background
See COmanage midPoint Integration Approaches for more information.
This plugin implements the "COmanange Primary, midPoint Downstream" approach.
Operations
Registry CO Person Transaction | midPoint Action |
---|---|
Add | Synchronize CO Person with midPoint user |
Edit | Synchronize CO Person with midPoint user |
Enter Grace Period | Synchronize CO Person with midPoint user |
Expiration / Becomes Inactive | Synchronize CO Person with midPoint user |
Unexpire / Becomes Active | Synchronize CO Person with midPoint user |
Delete | Delete midPoint user |
Manual Provision | Synchronize CO Person with midPoint user |
Petition Provision | Synchronize CO Person with midPoint user |
Pipeline Provision | Synchronize CO Person with midPoint user |
Configuration
- This is a non-core plugin, see Installing and Enabling Registry Plugins for more information.
- Set up a midPoint installation.
- Specifics are beyond the scope of this document.
- The plugin was developed with the Getting Started with midPoint simple demo.
- Define a new Server in Registry.
- Servers > Add a New Server
- Type : HTTP
- Configure the Server as follows
- Server URL : base URL of midPoint REST API, for example https://midpoint.example.org/midpoint/ws/rest
- Username : username of appropriately privileged midPoint user (default is Administrator)
- Password : password of appropriately privileged midPoint user (default is 5ecr3t)
- Servers > Add a New Server
- Configure a new Provisioning Target in Registry.
- Configuration > Provisioning Targets > Add Provisioning Target
- Plugin: MidPointProvisioner
- On the next page, select the Server created in the previous step, as well as the identifier type that will be used as the person's midPoint username.
- Configuration > Provisioning Targets > Add Provisioning Target
Attribute Mapping
COmanage | midPoint |
---|---|
identifier | name |
generated CN | fullName |
primary given name | givenName nickName |
primary family name | familyName |
primary middle name | additionalName |
primary honorific | honorificPrefix |
primary suffix | honorificSuffix |
first mail address | emailAddress |