[midPoint] Configuring SCIM / Slack connector
Keith Hazelton
keith.hazelton at wisc.edu
Fri Sep 29 13:04:14 CEST 2017
I get an error on ‘Test Connection’ after configuring the midPoint SCIM connector (v 1.4.4) for Slack.com
Using Postman I can successfully access the SCIM endpoint at Slack with my assigned bearer token:
GET https://api.slack.com/scim/v1/Schemas/Groups
Authorization header: xoxp-…… {the token value for my Slack account}
Accept header: application/json
The response code from Postman is 200
The top of the response body is
{
"name": "Group",
"description": "Core Group",
"schema": "urn:scim:schemas:core:1.0",
"endpoint": "/Groups",
"attributes": [
{
"name": "id",
"type": "string",
"multiValued": false,
…
On ‘Test connection’ in the Resource section of the midPoint (3.6) UI, I get the ‘UnknownHostException’ error messages shown belo:
[cid:image001.png at 01D338E8.C65A9670]
Here are the sanitized contents of the current configuration file for this midPoint connector:
<resource xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"
xmlns:org="http://midpoint.evolveum.com/xml/ns/public/common/org-3"
xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"
xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
oid="86437f3a-661a-4135-876a-233b67256bf0"
version="5">
<name>Slack</name>
<description>Slack Accounts</description>
<metadata>
<modifyTimestamp>2017-09-29T10:27:59.189Z</modifyTimestamp>
<modifierRef xmlns:tns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
oid="4f46545a-b0e6-4ddd-a3a2-bf0322389577"
relation="org:default"
type="tns:UserType"/>
<modifyChannel>http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#user</modifyChannel>
</metadata>
<operationExecution id="1">
<timestamp>2017-09-28T22:46:26.359Z</timestamp>
<operation>
<objectDelta>
<t:changeType>modify</t:changeType>
<t:objectType>c:ResourceType</t:objectType>
</objectDelta>
<executionResult>
<operation>com.evolveum.midpoint.model.impl.lens.ChangeExecutor.executeDelta</operation>
<status>success</status>
<token>1000000000000027617</token>
</executionResult>
<objectName>Slack</objectName>
</operation>
<status>success</status>
<initiatorRef oid="4f46545a-b0e6-4ddd-a3a2-bf0322389577"
relation="org:default"
type="c:UserType"/>
<channel>http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#user</channel>
</operationExecution>
<operationExecution id="2">
<timestamp>2017-09-29T10:27:59.227Z</timestamp>
<operation>
<objectDelta>
<t:changeType>modify</t:changeType>
<t:objectType>c:ResourceType</t:objectType>
</objectDelta>
<executionResult>
<operation>com.evolveum.midpoint.model.impl.lens.ChangeExecutor.executeDelta</operation>
<status>success</status>
<token>1000000000000029482</token>
</executionResult>
<objectName>Slack</objectName>
</operation>
<status>success</status>
<initiatorRef oid="4f46545a-b0e6-4ddd-a3a2-bf0322389577"
relation="org:default"
type="c:UserType"/>
<channel>http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#user</channel>
</operationExecution>
<operationalState>
<lastAvailabilityStatus>broken</lastAvailabilityStatus>
</operationalState>
<connectorRef oid="0a71bfb2-a5ad-424f-b45b-cce972d82cbe"
relation="org:default"
type="c:ConnectorType"/>
<connectorConfiguration xmlns:icfc="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/connector-schema-3">
<icfc:configurationProperties xmlns:gen935="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/bundle/com.evolveum.polygon.scim.connector-scim/com.evolveum.polygon.scim.ScimConnector">
<gen935:authentication>Token</gen935:authentication>
<gen935:token>
<t:encryptedData>
<t:encryptionMethod>
<t:algorithm>http://www.w3.org/2001/04/xmlenc#aes256-cbc</t:algorithm>
</t:encryptionMethod>
<t:keyInfo>
<t:keyName>kI2lzKlkkV52NVziiHvxPlzAL6s=</t:keyName>
</t:keyInfo>
<t:cipherData>
<t:cipherValue>VGQr…mKPC</t:cipherValue>
</t:cipherData>
</t:encryptedData>
</gen935:token>
<gen935:userName>khazelton</gen935:userName>
<gen935:password>
<t:encryptedData>
<t:encryptionMethod>
<t:algorithm>http://www.w3.org/2001/04/xmlenc#aes256-cbc</t:algorithm>
</t:encryptionMethod>
<t:keyInfo>
<t:keyName>kI2lzKlkkV52NVziiHvxPlzAL6s=</t:keyName>
</t:keyInfo>
<t:cipherData>
<t:cipherValue>iJt9p…MZA=</t:cipherValue>
</t:cipherData>
</t:encryptedData>
</gen935:password>
<gen935:endpoint>https://api.slack.com/scim</gen935:endpoint>
<gen935:version>/v1</gen935:version>
<gen935:loginURL>https://slack.com/signin</gen935:loginURL>
<gen935:service>Code</gen935:service>
<gen935:baseUrl>https://api.slack.com</gen935:baseUrl>
</icfc:configurationProperties>
</connectorConfiguration>
</resource>
I’m not sure why the username and password are needed for this connector since the Slack API uses a bearer token security scheme.
Appreciate any hints on where I’m wrong, --Keith Hazelton
___________________________________
email & jabber: keith.hazelton at wisc.edu<mailto:keith.hazelton at wisc.edu>
calendar: http://go.wisc.edu/i6zxx0
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20170929/20ff91b9/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 72332 bytes
Desc: image001.png
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20170929/20ff91b9/attachment.png>
More information about the midPoint
mailing list