Uploaded image for project: 'OpenICF'
  1. OpenICF
  2. OPENICF-859

Rewrite the current Salesforce connector as ICF connector




      Epic Story

      As an administrator, I can connect my IDM product with my Salesforce instance to allow my IDM to manage this application and be able to perform CRUS operations based on predefined policies and rules so that I can adequately automate day to day tasks and maintain the proper level of compliance.


      This story will describe the functional requirements to support IDM out of the box connectivity to salesforce target system. The connect integration with Salesforce is built as a module embedded in IDM and not as an ICF connector. Based on Zendesk, ~45 issues were raised by customers regarding salesforce connector since 2017


      The Salesforce.com connector let customers administer the account objects on Salesforce.com endpoints.

      This lists the tasks that the ICF connector will allow the application to do:

        1. Connecting to target via Oauth is the preferred approach
        2. Scan endpoint to detect customer schema including custom attributes
        3. Create, update, suspend, resume, or rename a Salesforce.com user, contact etc
          The Salesforce.com connector cannot delete a Salesforce.com user as this operation is not supported by the target system. Instead, the connector will allow you suspend the account on the Salesforce.com endpoint.
        4. Rename users
        5. Assign and unassign a public group to a user
          The Salesforce.com connector cannot provision private groups as those are managed by the users
        6. Assign and unassign a role to a user
        7. Assign and unassign a profile to a user
        8. Suspend and resume the account of a user

      Privileges Required to Connect to Salesforce.com

      To connect to a Salesforce.com endpoint, ForgeRock MUST require the min right needed to perform the connector tasks

      Out of scope

      Supporting materials

      salesforce new REST - https://developer.salesforce.com/docs/atlas.en-us.api_rest.meta/api_rest/using_resources_working_with_records.htm

      Link to UX:

      Acceptance Criteria:

      1. All open bugs and enhancements in backlog were reviewed and resolved (current count is 3)
      2. The connector is using the latest Salesforce API version (v.42)
      3. All underline issues have resolved
      4. New connector sample provided
      5. Non-Functional requirements met
      6. Automated test coverage # API tests pass
      7. End-to-end integration completed
      8. Regression tests pass
      9. Meets defined market expectations
      10. Product Documentation is completed and signed off
      11. Feature is demo'ed in its entirety


          Issue Links



              emanuel.brici Emanuel Brici
              tal.herman Tal Herman [X] (Inactive)
              0 Vote for this issue
              4 Start watching this issue