MidPoint Provisioning Plugin

The MidPoint Provisioning Plugin provisions users to Evolveum midPoint using the midPoint REST API.

This plugin is new with COmanage version 3.3.0 and is considered experimental.


Background

See COmanage midPoint Integration Approaches for more information.

This plugin implements the "COmanange Primary, midPoint Downstream" approach.

Operations

Registry CO Person Transaction

midPoint Action

Add

Synchronize CO Person with midPoint user

Edit

Synchronize CO Person with midPoint user

Enter Grace PeriodSynchronize CO Person with midPoint user
Expiration / Becomes InactiveSynchronize CO Person with midPoint user
Unexpire / Becomes ActiveSynchronize CO Person with midPoint user
DeleteDelete midPoint user

Manual Provision

Synchronize CO Person with midPoint user
Petition ProvisionSynchronize CO Person with midPoint user
Pipeline ProvisionSynchronize CO Person with midPoint user


Configuration

  1. This is a non-core plugin, see Installing and Enabling Registry Plugins for more information.
  2. Set up a midPoint installation.
    1. Specifics are beyond the scope of this document.
    2. The plugin was developed with the Dockerized midPoint simple demo.
  3. Define a new Server in Registry.
    1. Servers > Add a New Server
      1. Type : HTTP
    2. Configure the Server as follows
      1. Server URL : midPoint REST API URL, for example https://midpoint.example.org/midpoint
      2. Username : username of appropriately privileged midPoint user (default is Administrator)
      3. Password : password of appropriately privileged midPoint user (default is 5ecr3t)
  4. Configure a new Provisioning Target in Registry.
    1. Configuration > Provisioning Targets > Add Provisioning Target
      1. Plugin: MidPointProvisioner
      2. On the next page, select the Server created in the previous step, as well as the identifier type that will be used as the person's midPoint username.

Attribute Mapping

COmanagemidPoint
identifiername
generated CNfullName
primary given name

givenName

nickName

primary family name

familyName

primary middle nameadditionalName
primary honorifichonorificPrefix
primary suffixhonorificSuffix
first mail addressemailAddress

References :

midPoint common schema 

midPoint ObjectType 

midPoint UserType 

See Also