Hi Jaspreet,
SCIM is the System for Cross-domain Identity Management, which uses a standardized API through REST in either JSON or XML format. See more here:
https://en.wikipedia.org/wiki/System_for_Cross-domain_Identity_ManagementThe two options are:
SCIM Connector - this is much like the LDAP or DB connectors in that you leverage Connector Xpress to map attributes to create a specific connector for a SCIM aware system. Since the API Portal exposes REST-based APIs using JSON for user management, this is an option to try. This would be the quickest and easiest to test.
API Gateway Connector - this is a more flexible option that also requires you to leverage Connector Xpress to map attributes to create a connector that would then communicate with the API Gateway (in this case acting as a Connector Server), which would have policies in place to take the data and then communicate with an external solution. There are several out-of-the-box examples such as the one for Office 365. Do not confuse this with a specific connector for API Portal, of which there is none. You will need experience with both Connector Xpress and API Gateway policies to pursue this option.
As I mentioned, these are ideas - I have not tested these. Your best course of action is to first use something like Postman to determine the APIs and JSON format you need to use until you are successful in doing these tasks using APIs. Once you have those, then try the SCIM option (documentation provided above) to create a connector for the API Portal.
Another option would be to reach out to your account team to see if you can obtain professional services to assist you.
Thanks,
Mike
------------------------------
Mike Berthold
Solution Architect
------------------------------
Original Message:
Sent: 04-17-2020 03:53 AM
From: Jaspreet Singh Bedi
Subject: Integrate Identity Manager with CA API Developer Portal
Hi Mike
Thanks for reply. But Its very confusing. Unable to understand.
In IDM version 12.6, there used to be sample connectors available in Installer package. Those were placed under folder Connector Server Samples as a zip file.
One of the sample connectors was sdkws. We can use it to integerate with SOAP based webservice application.
You suggested two options:
1. SCIM: I don't know what SCIM is. and how its linked to web service.
2. Web Service: In tech docs, If I navigate to Web Service Connector, it talks about API Gateway instead of talking about Web Service. Its very confusing. So now Broadcom provides web service connector only for CA API Gateway? what if we have some custom application based on web service. then we need to use SCIM?
Can you please give me some background of how things changed from 12.6 to 14.2 regarding developing custom connectors and especially about web service connector.
Regards
Jaspreet
Original Message:
Sent: 04-14-2020 09:10 AM
From: Mike Berthold
Subject: Integrate Identity Manager with CA API Developer Portal
Hi Jaspreet,
Since the API Developer Portal uses REST-based JSON, you can start by trying to use the SCIM connector (which supports REST-based JSON), documentation here: http://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/identity-management-and-governance-connectors/1-0/connectors/other-connectors/scim-connector.html
If that proves too limiting, you can also try leveraging the API Gateway itself as part of a new custom connector: http://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/identity-management-and-governance-connectors/1-0/connectors/web-services.html
I haven't had experience creating a connector for the Portal, so if anyone else has, please feel free to reply with your experience to help Jaspreet along.
Thanks,
Mike
------------------------------
Mike Berthold
Solution Architect
Original Message:
Sent: 04-14-2020 08:42 AM
From: Jaspreet Singh Bedi
Subject: Integrate Identity Manager with CA API Developer Portal
Hi Mike
Thanks for the reply.
I discussed this option with client. API Developer team don't want to do any changes or additional work on API Developer side.
They want IDM team to use APIs to provision users in API Developer Portal. Below is the link
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-api-management/api-developer-portal/4-3-1/publishers/portal-api-papi.html
I see , We can programmatically access key API Portal entities that are exposed as RESTful resources using the Portal API.
Can you help me with developing custom connector for Rest Web services.
Regards
Jaspreet
Original Message:
Sent: 04-07-2020 09:33 AM
From: Mike Berthold
Subject: Integrate Identity Manager with CA API Developer Portal
Yes, it supports (as outlined here https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-api-management/api-developer-portal/4-5/set-up-and-maintenance/configure-authentication-schemes.html ):
-AD
-LDAP
-SiteMinder
-SAML
-Internal DB (this would also be something you could use Connector Xpress to create a connector for).
------------------------------
Mike Berthold
Solution Architect
Original Message:
Sent: 04-07-2020 09:30 AM
From: Jaspreet Singh Bedi
Subject: Integrate Identity Manager with CA API Developer Portal
Hi Mike
Thanks for the reply. Yeah, I too was thinking about this possibility and asked API Developer team to check the same.
If it would be LDAP, it will be straight forward.
If API Developer Portal supports other user stores too in addition to LDAP?
Regards
Jaspreet
Original Message:
Sent: 04-07-2020 09:20 AM
From: Mike Berthold
Subject: Integrate Identity Manager with CA API Developer Portal
Hi Jaspreet,
This will depend on what user store you're using for authenticator in API Developer Portal. For instance, if you're using an LDAP directory, you would then create a connector using Connector Xpress as outlined here: http://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/identity-management-and-governance-connectors/1-0/connectors/dynamic-connectors-connector-xpress/connector-xpress.html
------------------------------
Mike Berthold
Solution Architect
Original Message:
Sent: 04-07-2020 09:08 AM
From: Jaspreet Singh Bedi
Subject: Integrate Identity Manager with CA API Developer Portal
Hi Friends
We need to integrate Identity Manager with CA API Developer Portal . We need to provision IDM users in API Developer Portal.
I don't see Endpoint Type for API Developer Portal.
Neither do I find any documentation or link for integration steps.
Could someone please give me an idea of how this integration can be done. Thanks
Regards,
Jaspreet