Example configuration
Hiroyuki Wada edited this page May 27, 2022
·
2 revisions
This connector automatically generates a user schema for each Auth0 connection. For example, if the default "Username-Password-Authentication" connection is enabled, the user schema is generated with the object class "User_Username-Password-Authentication".
Note: The following sample configuration assumes that the "Username-Password-Authentication" connection exists in Auth0.
<?xml version="1.0" encoding="UTF-8"?>
<resource xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"
xmlns:org="http://midpoint.evolveum.com/xml/ns/public/common/org-3"
xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<name>Auth0-Simple</name>
<!-- Binds the resource to its connector by searching for a connector object whose
connectorType equals the Auth0 connector class name, instead of pointing at a fixed OID. -->
<connectorRef relation="org:default" type="c:ConnectorType">
<filter>
<q:and>
<q:equal>
<q:path>c:connectorType</q:path>
<q:value>jp.openstandia.connector.auth0.Auth0Connector</q:value>
</q:equal>
</q:and>
</filter>
</connectorRef>
<!-- Connector settings: instance pool, result handlers and the Auth0 connection properties. -->
<connectorConfiguration xmlns:icfc="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/connector-schema-3">
<!-- Instance pool: at most 10 connector instances, between 1 and 5 kept idle;
an instance becomes evictable after 15000 ms of idleness. -->
<icfc:connectorPoolConfiguration>
<icfc:minEvictableIdleTimeMillis>15000</icfc:minEvictableIdleTimeMillis>
<icfc:minIdle>1</icfc:minIdle>
<icfc:maxIdle>5</icfc:maxIdle>
<icfc:maxObjects>10</icfc:maxObjects>
</icfc:connectorPoolConfiguration>
<!-- All three framework result handlers are switched off. -->
<icfc:resultsHandlerConfiguration>
<icfc:enableNormalizingResultsHandler>false</icfc:enableNormalizingResultsHandler>
<icfc:enableFilteredResultsHandler>false</icfc:enableFilteredResultsHandler>
<icfc:enableAttributesToGetSearchResultsHandler>false</icfc:enableAttributesToGetSearchResultsHandler>
</icfc:resultsHandlerConfiguration>
<!-- Auth0 tenant domain and the client credentials the connector authenticates with.
"your-auth0-domain" and "..." are placeholders that must be replaced.
clientSecret is a credential: keep the real value out of version control and out of
shared copies of this file.
NOTE(review): if the connector declares clientSecret as a protected (guarded) string,
midPoint expects the clear value wrapped in a t:clearValue element and encrypts it on
import; confirm against the connector schema.
NOTE(review): presumably this client calls the Auth0 Management API; grant it only the
scopes that the mappings in this resource actually use. -->
<icfc:configurationProperties xmlns:gen664="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/bundle/jp.openstandia.connector.connector-auth0/jp.openstandia.connector.auth0.Auth0Connector">
<gen664:domain>your-auth0-domain</gen664:domain>
<gen664:clientId>...</gen664:clientId>
<gen664:clientSecret>...</gen664:clientSecret>
</icfc:configurationProperties>
</connectorConfiguration>
<!-- Outbound mappings for the default account type, using the object class generated for
the "Username-Password-Authentication" connection. Only outbound mappings are defined,
so data flows from the midPoint user (focus) to Auth0. -->
<schemaHandling>
<objectType>
<kind>account</kind>
<intent>default</intent>
<displayName>User</displayName>
<default>true</default>
<objectClass>ri:User_Username-Password-Authentication</objectClass>
<!-- Profile attributes copied from the focus. The mappings are strong, so midPoint
enforces its own value rather than keeping one set directly in Auth0. -->
<attribute>
<c:ref>ri:email</c:ref>
<outbound>
<strength>strong</strength>
<source>
<c:path>$focus/emailAddress</c:path>
</source>
</outbound>
</attribute>
<attribute>
<c:ref>ri:nickname</c:ref>
<outbound>
<strength>strong</strength>
<source>
<c:path>$focus/nickName</c:path>
</source>
</outbound>
</attribute>
<attribute>
<c:ref>ri:given_name</c:ref>
<outbound>
<strength>strong</strength>
<source>
<c:path>$focus/givenName</c:path>
</source>
</outbound>
</attribute>
<attribute>
<c:ref>ri:family_name</c:ref>
<outbound>
<strength>strong</strength>
<source>
<c:path>$focus/familyName</c:path>
</source>
</outbound>
</attribute>
<attribute>
<c:ref>ri:name</c:ref>
<outbound>
<strength>strong</strength>
<source>
<c:path>$focus/fullName</c:path>
</source>
</outbound>
</attribute>
<!-- Constant sample value: every account gets the same picture URL. Replace or remove. -->
<attribute>
<c:ref>ri:picture</c:ref>
<outbound>
<strength>strong</strength>
<expression>
<value>https://example.org</value>
</expression>
</outbound>
</attribute>
<!-- Constant "true" with a strong mapping: every account provisioned through this resource
is flagged as email-verified in Auth0, whether or not the address was ever confirmed.
Applications that trust email_verified will treat these addresses as proven, so keep this
only when emailAddress in midPoint comes from an authoritative, already verified source. -->
<attribute>
<c:ref>ri:email_verified</c:ref>
<fetchStrategy>implicit</fetchStrategy>
<outbound>
<strength>strong</strength>
<expression>
<value>true</value>
</expression>
</outbound>
</attribute>
<!-- The focus password is passed to the Auth0 account unchanged (asIs). -->
<credentials>
<password>
<outbound>
<expression>
<asIs/>
</expression>
</outbound>
</password>
</credentials>
<!-- The administrative status of the focus (enabled/disabled) is propagated unchanged,
so disabling the midPoint user is pushed to the Auth0 account. -->
<activation>
<administrativeStatus>
<outbound>
<strength>strong</strength>
<expression>
<asIs/>
</expression>
</outbound>
</administrativeStatus>
</activation>
</objectType>
</schemaHandling>
<!-- Synchronization policy for Auth0 accounts of the default account type. -->
<synchronization>
<objectSynchronization>
<name>user sync</name>
<objectClass>ri:User_Username-Password-Authentication</objectClass>
<kind>account</kind>
<intent>default</intent>
<focusType>c:UserType</focusType>
<enabled>true</enabled>
<!-- Correlation: an Auth0 account belongs to the midPoint user whose emailAddress equals
the account's email attribute. The email address is the only evidence of ownership, so it
must be unique in midPoint and trustworthy in Auth0.
NOTE(review): if accounts can be created in Auth0 with unconfirmed addresses (for example
by self sign-up), the automatic "link" reaction below attaches such an account to the
matching user; consider restricting sign-up or reviewing matches before linking. -->
<correlation>
<q:equal>
<q:path>c:emailAddress</q:path>
<expression>
<path>$projection/attributes/ri:email</path>
</expression>
</q:equal>
</correlation>
<reconcile>false</reconcile>
<!-- linked: the account already has an owner; keep it synchronized. -->
<reaction>
<situation>linked</situation>
<synchronize>true</synchronize>
</reaction>
<!-- deleted: the Auth0 account is gone; only the link is removed and the midPoint user
is kept. The commented-out handler is the alternative that deletes the user as well. -->
<reaction>
<situation>deleted</situation>
<action>
<handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#unlink</handlerUri>
<!-- <handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#deleteFocus</handlerUri> -->
</action>
</reaction>
<!-- unlinked: correlation found an owner that is not linked yet; link it automatically.
No reaction is defined for the unmatched situation. -->
<reaction>
<situation>unlinked</situation>
<action>
<handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#link</handlerUri>
</action>
</reaction>
</objectSynchronization>
</synchronization>
</resource>
Note: The following sample configuration assumes that the "sms" connection exists in Auth0.
<?xml version="1.0" encoding="UTF-8"?>
<resource xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"
xmlns:org="http://midpoint.evolveum.com/xml/ns/public/common/org-3"
xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<name>Auth0-SMS</name>
<!-- Binds the resource to its connector by searching for a connector object whose
connectorType equals the Auth0 connector class name, instead of pointing at a fixed OID. -->
<connectorRef relation="org:default" type="c:ConnectorType">
<filter>
<q:and>
<q:equal>
<q:path>c:connectorType</q:path>
<q:value>jp.openstandia.connector.auth0.Auth0Connector</q:value>
</q:equal>
</q:and>
</filter>
</connectorRef>
<!-- Connector settings: instance pool, result handlers and the Auth0 connection properties. -->
<connectorConfiguration xmlns:icfc="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/connector-schema-3">
<!-- Instance pool: at most 10 connector instances, between 1 and 5 kept idle;
an instance becomes evictable after 15000 ms of idleness. -->
<icfc:connectorPoolConfiguration>
<icfc:minEvictableIdleTimeMillis>15000</icfc:minEvictableIdleTimeMillis>
<icfc:minIdle>1</icfc:minIdle>
<icfc:maxIdle>5</icfc:maxIdle>
<icfc:maxObjects>10</icfc:maxObjects>
</icfc:connectorPoolConfiguration>
<!-- All three framework result handlers are switched off. -->
<icfc:resultsHandlerConfiguration>
<icfc:enableNormalizingResultsHandler>false</icfc:enableNormalizingResultsHandler>
<icfc:enableFilteredResultsHandler>false</icfc:enableFilteredResultsHandler>
<icfc:enableAttributesToGetSearchResultsHandler>false</icfc:enableAttributesToGetSearchResultsHandler>
</icfc:resultsHandlerConfiguration>
<!-- Auth0 tenant domain and the client credentials the connector authenticates with.
"your-auth0-domain" and "..." are placeholders that must be replaced.
clientSecret is a credential: keep the real value out of version control and out of
shared copies of this file.
NOTE(review): if the connector declares clientSecret as a protected (guarded) string,
midPoint expects the clear value wrapped in a t:clearValue element and encrypts it on
import; confirm against the connector schema.
NOTE(review): presumably this client calls the Auth0 Management API; grant it only the
scopes that the mappings in this resource actually use. -->
<icfc:configurationProperties xmlns:gen664="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/bundle/jp.openstandia.connector.connector-auth0/jp.openstandia.connector.auth0.Auth0Connector">
<gen664:domain>your-auth0-domain</gen664:domain>
<gen664:clientId>...</gen664:clientId>
<gen664:clientSecret>...</gen664:clientSecret>
</icfc:configurationProperties>
</connectorConfiguration>
<!-- Outbound mappings for the default account type, using the object class generated for
the "sms" connection. No credentials mapping is defined for this object type. -->
<schemaHandling>
<objectType>
<kind>account</kind>
<intent>default</intent>
<displayName>User</displayName>
<default>true</default>
<objectClass>ri:User_sms</objectClass>
<!-- The phone number identifies the account and is copied from the focus with a strong
mapping, so midPoint enforces its own value.
NOTE(review): the number is presumably expected in one canonical format on both sides;
verify, because the correlation in this resource compares it for equality. -->
<attribute>
<c:ref>ri:phone_number</c:ref>
<outbound>
<strength>strong</strength>
<source>
<c:path>$focus/telephoneNumber</c:path>
</source>
</outbound>
</attribute>
<!-- This mapping is disabled (enabled = false), so as written midPoint does not set
phone_verified. Enabling it would flag every provisioned number as verified with a
constant "true", without any confirmation step in this configuration; do that only if
telephoneNumber in midPoint is already verified at its source. -->
<attribute>
<c:ref>ri:phone_verified</c:ref>
<outbound>
<enabled>false</enabled>
<strength>strong</strength>
<expression>
<value>true</value>
</expression>
</outbound>
</attribute>
<!-- The administrative status of the focus (enabled/disabled) is propagated unchanged,
so disabling the midPoint user is pushed to the Auth0 account. -->
<activation>
<administrativeStatus>
<outbound>
<strength>strong</strength>
<expression>
<asIs/>
</expression>
</outbound>
</administrativeStatus>
</activation>
</objectType>
</schemaHandling>
<!-- Synchronization policy for Auth0 accounts of the "sms" connection. -->
<synchronization>
<objectSynchronization>
<name>user sync</name>
<objectClass>ri:User_sms</objectClass>
<kind>account</kind>
<intent>default</intent>
<focusType>c:UserType</focusType>
<enabled>true</enabled>
<!-- Correlation: an Auth0 account belongs to the midPoint user whose telephoneNumber
equals the account's phone_number attribute. The phone number is the only evidence of
ownership, so it must be unique and current in midPoint.
NOTE(review): phone numbers can be shared or reassigned; since the "link" reaction below
attaches a matching account automatically, confirm that this is acceptable or review
matches before linking. -->
<correlation>
<q:equal>
<q:path>c:telephoneNumber</q:path>
<expression>
<path>$projection/attributes/ri:phone_number</path>
</expression>
</q:equal>
</correlation>
<reconcile>false</reconcile>
<!-- linked: the account already has an owner; keep it synchronized. -->
<reaction>
<situation>linked</situation>
<synchronize>true</synchronize>
</reaction>
<!-- deleted: the Auth0 account is gone; only the link is removed and the midPoint user
is kept. The commented-out handler is the alternative that deletes the user as well. -->
<reaction>
<situation>deleted</situation>
<action>
<handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#unlink</handlerUri>
<!-- <handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#deleteFocus</handlerUri> -->
</action>
</reaction>
<!-- unlinked: correlation found an owner that is not linked yet; link it automatically.
No reaction is defined for the unmatched situation. -->
<reaction>
<situation>unlinked</situation>
<action>
<handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#link</handlerUri>
</action>
</reaction>
</objectSynchronization>
</synchronization>
</resource>
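Note: The following sample configuration assumes that the "Username-Password-Authentication" connection exists in Auth0. In addition to the user account, it maps Auth0 roles and organizations as entitlements and manages their membership through associations.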
<?xml version="1.0" encoding="UTF-8"?>
<resource xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"
xmlns:org="http://midpoint.evolveum.com/xml/ns/public/common/org-3"
xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<name>Auth0-Complex</name>
<!-- Binds the resource to its connector by searching for a connector object whose
connectorType equals the Auth0 connector class name, instead of pointing at a fixed OID. -->
<connectorRef relation="org:default" type="c:ConnectorType">
<filter>
<q:and>
<q:equal>
<q:path>c:connectorType</q:path>
<q:value>jp.openstandia.connector.auth0.Auth0Connector</q:value>
</q:equal>
</q:and>
</filter>
</connectorRef>
<!-- Connector settings: instance pool, result handlers and the Auth0 connection properties. -->
<connectorConfiguration xmlns:icfc="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/connector-schema-3">
<!-- Instance pool: at most 10 connector instances, between 1 and 5 kept idle;
an instance becomes evictable after 15000 ms of idleness. -->
<icfc:connectorPoolConfiguration>
<icfc:minEvictableIdleTimeMillis>15000</icfc:minEvictableIdleTimeMillis>
<icfc:minIdle>1</icfc:minIdle>
<icfc:maxIdle>5</icfc:maxIdle>
<icfc:maxObjects>10</icfc:maxObjects>
</icfc:connectorPoolConfiguration>
<!-- All three framework result handlers are switched off. -->
<icfc:resultsHandlerConfiguration>
<icfc:enableNormalizingResultsHandler>false</icfc:enableNormalizingResultsHandler>
<icfc:enableFilteredResultsHandler>false</icfc:enableFilteredResultsHandler>
<icfc:enableAttributesToGetSearchResultsHandler>false</icfc:enableAttributesToGetSearchResultsHandler>
</icfc:resultsHandlerConfiguration>
<!-- Auth0 tenant domain and the client credentials the connector authenticates with.
"your-auth0-domain" and "..." are placeholders that must be replaced.
clientSecret is a credential: keep the real value out of version control and out of
shared copies of this file.
NOTE(review): if the connector declares clientSecret as a protected (guarded) string,
midPoint expects the clear value wrapped in a t:clearValue element and encrypts it on
import; confirm against the connector schema.
NOTE(review): presumably this client calls the Auth0 Management API; because this
resource also manages role and organization membership, review which scopes it is
granted and keep them to what the mappings actually use. -->
<icfc:configurationProperties xmlns:gen664="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/bundle/jp.openstandia.connector.connector-auth0/jp.openstandia.connector.auth0.Auth0Connector">
<gen664:domain>your-auth0-domain</gen664:domain>
<gen664:clientId>...</gen664:clientId>
<gen664:clientSecret>...</gen664:clientSecret>
</icfc:configurationProperties>
</connectorConfiguration>
<!-- Three object types: the user account of the "Username-Password-Authentication"
connection, and the Role and Organization entitlements that accounts are members of.
Only outbound mappings are defined, so data flows from midPoint to Auth0. -->
<schemaHandling>
<objectType>
<kind>account</kind>
<intent>default</intent>
<displayName>User</displayName>
<default>true</default>
<objectClass>ri:User_Username-Password-Authentication</objectClass>
<!-- Profile attributes copied from the focus. The mappings are strong, so midPoint
enforces its own value rather than keeping one set directly in Auth0. -->
<attribute>
<c:ref>ri:email</c:ref>
<outbound>
<strength>strong</strength>
<source>
<c:path>$focus/emailAddress</c:path>
</source>
</outbound>
</attribute>
<attribute>
<c:ref>ri:nickname</c:ref>
<outbound>
<strength>strong</strength>
<source>
<c:path>$focus/nickName</c:path>
</source>
</outbound>
</attribute>
<attribute>
<c:ref>ri:given_name</c:ref>
<outbound>
<strength>strong</strength>
<source>
<c:path>$focus/givenName</c:path>
</source>
</outbound>
</attribute>
<attribute>
<c:ref>ri:family_name</c:ref>
<outbound>
<strength>strong</strength>
<source>
<c:path>$focus/familyName</c:path>
</source>
</outbound>
</attribute>
<attribute>
<c:ref>ri:name</c:ref>
<outbound>
<strength>strong</strength>
<source>
<c:path>$focus/fullName</c:path>
</source>
</outbound>
</attribute>
<!-- Constant sample value: every account gets the same picture URL. Replace or remove. -->
<attribute>
<c:ref>ri:picture</c:ref>
<outbound>
<strength>strong</strength>
<expression>
<value>https://example.org</value>
</expression>
</outbound>
</attribute>
<!-- Constant "true" with a strong mapping: every account provisioned through this resource
is flagged as email-verified in Auth0, whether or not the address was ever confirmed.
Applications that trust email_verified will treat these addresses as proven, so keep this
only when emailAddress in midPoint comes from an authoritative, already verified source. -->
<attribute>
<c:ref>ri:email_verified</c:ref>
<outbound>
<strength>strong</strength>
<expression>
<value>true</value>
</expression>
</outbound>
</attribute>
<!-- Membership attributes used by the two associations of this object type.
fetchStrategy "explicit" asks for them explicitly when the account is read. -->
<attribute>
<c:ref>ri:roles</c:ref>
<fetchStrategy>explicit</fetchStrategy>
</attribute>
<attribute>
<c:ref>ri:organizations</c:ref>
<fetchStrategy>explicit</fetchStrategy>
</attribute>
<!-- The focus password is passed to the Auth0 account unchanged (asIs). -->
<credentials>
<password>
<outbound>
<expression>
<asIs/>
</expression>
</outbound>
</password>
</credentials>
<!-- The administrative status of the focus (enabled/disabled) is propagated unchanged,
so disabling the midPoint user is pushed to the Auth0 account. -->
<activation>
<administrativeStatus>
<outbound>
<strength>strong</strength>
<expression>
<asIs/>
</expression>
</outbound>
</administrativeStatus>
</activation>
<!-- Role membership: the account's roles attribute holds the roleId of each Role
entitlement (direction subjectToObject, i.e. the membership is stored on the account).
tolerant = false makes midPoint authoritative for the list.
NOTE(review): memberships granted directly in Auth0 and not backed by midPoint are
expected to be removed when the account is reconciled. That keeps out-of-band grants
from persisting, but make sure every legitimate role is modelled in midPoint first. -->
<association>
<c:ref>ri:Role</c:ref>
<tolerant>false</tolerant>
<displayName>Role Membership</displayName>
<kind>entitlement</kind>
<intent>role</intent>
<direction>subjectToObject</direction>
<associationAttribute>ri:roles</associationAttribute>
<valueAttribute>ri:roleId</valueAttribute>
</association>
<!-- Organization membership: same pattern, with the organizations attribute holding the
orgId of each Organization entitlement. Also non-tolerant, with the same consequence for
memberships assigned outside midPoint. -->
<association>
<c:ref>ri:Organization</c:ref>
<tolerant>false</tolerant>
<displayName>Organization Membership</displayName>
<kind>entitlement</kind>
<intent>organization</intent>
<direction>subjectToObject</direction>
<associationAttribute>ri:organizations</associationAttribute>
<valueAttribute>ri:orgId</valueAttribute>
</association>
</objectType>
<!-- Role entitlement: name and description come from the focus object.
Marked as the default type for the entitlement kind. -->
<objectType>
<kind>entitlement</kind>
<intent>role</intent>
<displayName>Role</displayName>
<default>true</default>
<objectClass>ri:Role</objectClass>
<attribute>
<c:ref>ri:name</c:ref>
<outbound>
<strength>strong</strength>
<source>
<c:path>$focus/name</c:path>
</source>
</outbound>
</attribute>
<attribute>
<c:ref>ri:description</c:ref>
<outbound>
<strength>strong</strength>
<source>
<c:path>$focus/description</c:path>
</source>
</outbound>
</attribute>
</objectType>
<!-- Organization entitlement: name and display_name come from the focus object.
Not the default entitlement type, so it is selected by its intent "organization". -->
<objectType>
<kind>entitlement</kind>
<intent>organization</intent>
<displayName>Organization</displayName>
<default>false</default>
<objectClass>ri:Organization</objectClass>
<attribute>
<c:ref>ri:name</c:ref>
<outbound>
<strength>strong</strength>
<source>
<c:path>$focus/name</c:path>
</source>
</outbound>
</attribute>
<attribute>
<c:ref>ri:display_name</c:ref>
<outbound>
<strength>strong</strength>
<source>
<c:path>$focus/displayName</c:path>
</source>
</outbound>
</attribute>
</objectType>
</schemaHandling>
<!-- Synchronization policy for Auth0 user accounts. Only the account object class is
covered; no synchronization is defined here for the Role and Organization entitlements. -->
<synchronization>
<objectSynchronization>
<name>user sync</name>
<objectClass>ri:User_Username-Password-Authentication</objectClass>
<kind>account</kind>
<intent>default</intent>
<focusType>c:UserType</focusType>
<enabled>true</enabled>
<!-- Correlation: an Auth0 account belongs to the midPoint user whose emailAddress equals
the account's email attribute. The email address is the only evidence of ownership, so it
must be unique in midPoint and trustworthy in Auth0.
NOTE(review): if accounts can be created in Auth0 with unconfirmed addresses (for example
by self sign-up), the automatic "link" reaction below attaches such an account to the
matching user, and in this resource a linked account also receives that user's role and
organization memberships; consider restricting sign-up or reviewing matches before linking. -->
<correlation>
<q:equal>
<q:path>c:emailAddress</q:path>
<expression>
<path>$projection/attributes/ri:email</path>
</expression>
</q:equal>
</correlation>
<reconcile>false</reconcile>
<!-- linked: the account already has an owner; keep it synchronized. -->
<reaction>
<situation>linked</situation>
<synchronize>true</synchronize>
</reaction>
<!-- deleted: the Auth0 account is gone; only the link is removed and the midPoint user
is kept. The commented-out handler is the alternative that deletes the user as well. -->
<reaction>
<situation>deleted</situation>
<action>
<handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#unlink</handlerUri>
<!-- <handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#deleteFocus</handlerUri> -->
</action>
</reaction>
<!-- unlinked: correlation found an owner that is not linked yet; link it automatically.
No reaction is defined for the unmatched situation. -->
<reaction>
<situation>unlinked</situation>
<action>
<handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#link</handlerUri>
</action>
</reaction>
</objectSynchronization>
</synchronization>
</resource>