[midPoint] Configuring SCIM / Slack connector

Matus Macik matus.macik at evolveum.com
Fri Sep 29 15:41:55 CEST 2017


Hello Keith,

Did you follow the configuration section of the connector's wiki page? https://wiki.evolveum.com/display/midPoint/SCIM+v1+Slack+connector
There are multiple fields which are dedicated for using the SCIM connector to connect to some other types of resource (which speaks SCIM) (i.e. SalesForce). You just need to use the ones required by Slack. Yet it looks like you found a place where some better error handling would come to use. I will fix it in the next iteration.

Best regards,

Matus Macik | Developer and Identity Management Engineer
matus.macik at evolveum.com | www.evolveum.com
Evolveum

From: Keith Hazelton
Sent: Friday, September 29, 2017 1:08 PM
To: midPoint General Discussion
Subject: [midPoint] Configuring SCIM / Slack connector

I get an error on ‘Test Connection’ after configuring the midPoint SCIM connector (v 1.4.4) for Slack.com

Using Postman I can successfully access the SCIM endpoint at Slack with my assigned bearer token:

GET   https://api.slack.com/scim/v1/Schemas/Groups

Authorization header: xoxp-…… {the token value for my Slack account}
Accept header:  application/json

The response code from Postman is 200

The top of the response body is

{
    "name": "Group",
    "description": "Core Group",
    "schema": "urn:scim:schemas:core:1.0",
    "endpoint": "/Groups",
    "attributes": [
        {
            "name": "id",
            "type": "string",
            "multiValued": false,
…

On ‘Test connection’ in the Resource section of the midPoint (3.6) UI, I get the ‘UnknownHostException’ error messages shown below:



Here are the sanitized contents of the current configuration file for this midPoint connector:

<resource xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
          xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
          xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
          xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"
          xmlns:org="http://midpoint.evolveum.com/xml/ns/public/common/org-3"
          xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"
          xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
          oid="86437f3a-661a-4135-876a-233b67256bf0"
          version="5">

   <name>Slack</name>
   <description>Slack Accounts</description>

   <metadata>
      <modifyTimestamp>2017-09-29T10:27:59.189Z</modifyTimestamp>
      <modifierRef xmlns:tns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
                   oid="4f46545a-b0e6-4ddd-a3a2-bf0322389577"
                   relation="org:default"
                   type="tns:UserType"/>
      <modifyChannel>http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#user</modifyChannel>
   </metadata>

   <operationExecution id="1">
      <timestamp>2017-09-28T22:46:26.359Z</timestamp>
      <operation>
         <objectDelta>
            <t:changeType>modify</t:changeType>
            <t:objectType>c:ResourceType</t:objectType>
         </objectDelta>
         <executionResult>
            <operation>com.evolveum.midpoint.model.impl.lens.ChangeExecutor.executeDelta</operation>
            <status>success</status>
            <token>1000000000000027617</token>
         </executionResult>
         <objectName>Slack</objectName>
      </operation>
      <status>success</status>
      <initiatorRef oid="4f46545a-b0e6-4ddd-a3a2-bf0322389577"
                    relation="org:default"
                    type="c:UserType"/>
      <channel>http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#user</channel>
   </operationExecution>

   <operationExecution id="2">
      <timestamp>2017-09-29T10:27:59.227Z</timestamp>
      <operation>
         <objectDelta>
            <t:changeType>modify</t:changeType>
            <t:objectType>c:ResourceType</t:objectType>
         </objectDelta>
         <executionResult>
            <operation>com.evolveum.midpoint.model.impl.lens.ChangeExecutor.executeDelta</operation>
            <status>success</status>
            <token>1000000000000029482</token>
         </executionResult>
         <objectName>Slack</objectName>
      </operation>
      <status>success</status>
      <initiatorRef oid="4f46545a-b0e6-4ddd-a3a2-bf0322389577"
                    relation="org:default"
                    type="c:UserType"/>
      <channel>http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#user</channel>
   </operationExecution>

   <operationalState>
      <lastAvailabilityStatus>broken</lastAvailabilityStatus>
   </operationalState>

   <connectorRef oid="0a71bfb2-a5ad-424f-b45b-cce972d82cbe"
                 relation="org:default"
                 type="c:ConnectorType"/>
   <connectorConfiguration xmlns:icfc="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/connector-schema-3">
      <icfc:configurationProperties xmlns:gen935="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/bundle/com.evolveum.polygon.scim.connector-scim/com.evolveum.polygon.scim.ScimConnector">

         <gen935:authentication>Token</gen935:authentication>
         <gen935:token>
            <t:encryptedData>
               <t:encryptionMethod>
                  <t:algorithm>http://www.w3.org/2001/04/xmlenc#aes256-cbc</t:algorithm>
               </t:encryptionMethod>
               <t:keyInfo>
                  <t:keyName>kI2lzKlkkV52NVziiHvxPlzAL6s=</t:keyName>
               </t:keyInfo>
               <t:cipherData>
                  <t:cipherValue>VGQr…mKPC</t:cipherValue>
               </t:cipherData>
            </t:encryptedData>
         </gen935:token>

         <gen935:userName>khazelton</gen935:userName>
         <gen935:password>
            <t:encryptedData>
               <t:encryptionMethod>
                  <t:algorithm>http://www.w3.org/2001/04/xmlenc#aes256-cbc</t:algorithm>
               </t:encryptionMethod>
               <t:keyInfo>
                  <t:keyName>kI2lzKlkkV52NVziiHvxPlzAL6s=</t:keyName>
               </t:keyInfo>
               <t:cipherData>
                  <t:cipherValue>iJt9p…MZA=</t:cipherValue>
               </t:cipherData>
            </t:encryptedData>
         </gen935:password>

         <gen935:endpoint>https://api.slack.com/scim</gen935:endpoint>
         <gen935:version>/v1</gen935:version>
         <gen935:loginURL>https://slack.com/signin</gen935:loginURL>
         <gen935:service>Code</gen935:service>
         <gen935:baseUrl>https://api.slack.com</gen935:baseUrl>

      </icfc:configurationProperties>
   </connectorConfiguration>
</resource>

I’m not sure why the username and password are needed for this connector since the Slack API uses a bearer token security scheme.

       Appreciate any hints on where I’m wrong,    --Keith Hazelton
___________________________________
email & jabber: keith.hazelton at wisc.edu
calendar: http://go.wisc.edu/i6zxx0
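
Added example, not part of the original emails or of the connector's code: Java raises UnknownHostException when a hostname cannot be resolved, so one way to narrow the error down is to pull every URL-valued property out of the resource XML and test DNS resolution for each host, run from the midPoint server itself. The thread does not say which property the connector contacts, so the script checks them all; the sample XML is constructed from the plain-text values quoted above, and `configured_hosts` and `unresolvable` are hypothetical helper names.

```python
import socket
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

ICFC = "{http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/connector-schema-3}"

# Constructed sample: the plain-text properties from the configuration above.
SAMPLE = """<resource xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3">
 <connectorConfiguration xmlns:icfc="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/connector-schema-3">
  <icfc:configurationProperties xmlns:g="urn:example:constructed">
   <g:authentication>Token</g:authentication>
   <g:endpoint>https://api.slack.com/scim</g:endpoint>
   <g:version>/v1</g:version>
   <g:loginURL>https://slack.com/signin</g:loginURL>
   <g:service>Code</g:service>
   <g:baseUrl>https://api.slack.com</g:baseUrl>
  </icfc:configurationProperties>
 </connectorConfiguration>
</resource>"""


def configured_hosts(resource_xml):
    """Map each URL-valued configuration property to the hostname it names."""
    props = ET.fromstring(resource_xml).find(f".//{ICFC}configurationProperties")
    hosts = {}
    for el in props:
        value = (el.text or "").strip()
        if len(el) == 0 and "://" in value:  # skip encrypted and non-URL values
            hosts[el.tag.split("}", 1)[-1]] = urlsplit(value).hostname
    return hosts


def unresolvable(hosts, resolve=socket.getaddrinfo):
    """Return the {property: host} pairs whose host is missing or fails DNS lookup."""
    bad = {}
    for prop, host in hosts.items():
        try:
            if not host:
                raise ValueError("URL has no host part")
            resolve(host, 443)
        except (OSError, UnicodeError, ValueError):
            bad[prop] = host
    return bad


if __name__ == "__main__":
    for prop, host in unresolvable(configured_hosts(SAMPLE)).items():
        print(f"{prop}: cannot resolve {host!r}")
```
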


