[midPoint] Configuring SCIM / Slack connector

Keith Hazelton keith.hazelton at wisc.edu
Fri Sep 29 15:51:12 CEST 2017


Thank you for your quick reply, Matus.  I did try to follow the instructions at https://wiki.evolveum.com/display/midPoint/SCIM+v1+Slack+connector but I will review carefully. I think I missed the certificate setup step.

Do I need to complete the steps under “Setting up tests” in the wiki before trying “Test Connection”?

       --Keith
___________________________________
email & jabber: keith.hazelton at wisc.edu<mailto:keith.hazelton at wisc.edu>
calendar: http://go.wisc.edu/i6zxx0

From: midPoint <midpoint-bounces at lists.evolveum.com> on behalf of Matus Macik <matus.macik at evolveum.com>
Reply-To: midPoint General Discussion <midpoint at lists.evolveum.com>
Date: Friday, September 29, 2017 at 08:43
To: midPoint General Discussion <midpoint at lists.evolveum.com>
Subject: Re: [midPoint] Configuring SCIM / Slack connector

Hello Keith,

Did you follow the configuration section of the connectors wiki page? https://wiki.evolveum.com/display/midPoint/SCIM+v1+Slack+connector
There are multiple fields which are dedicated for using the SCIM connector to connect to some other types of resource (which speaks SCIM) (i.e. SalesForce). You just need to use the ones required by slack. Yet it looks like you found a place where some better error handling would come to use. I will fix it in the next iteration.

Best regards,

Matus Macik | Developer and Identity Management Engineer
matus.macik at evolveum.com | www.evolveum.com
Evolveum

From: Keith Hazelton<mailto:keith.hazelton at wisc.edu>
Sent: Friday, September 29, 2017 1:08 PM
To: midPoint General Discussion<mailto:midpoint at lists.evolveum.com>
Subject: [midPoint] Configuring SCIM / Slack connector

I get an error on ‘Test Connection’ after configuring the midPoint SCIM connector (v 1.4.4) for Slack.com

Using Postman I can successfully access the SCIM endpoint at Slack with my assigned bearer token:

GET   https://api.slack.com/scim/v1/Schemas/Groups

Authorization header: xoxp-…… {the token value for my Slack account}
Accept header:  application/json

The response code from Postman is 200

The top of the response body is

{
    "name": "Group",
    "description": "Core Group",
    "schema": "urn:scim:schemas:core:1.0",
"endpoint": "/Groups",
    "attributes": [
        {
            "name": "id",
            "type": "string",
            "multiValued": false,
…

On ‘Test connection’ in the Resource section of the midPoint (3.6) UI, I get the ‘UnknownHostException’ error messages shown belo:

[id:image001.png at 01D338E8.C65A9670]

Here are the sanitized contents of the current configuration file for this midPoint connector:

<resource xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
          xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
          xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
          xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"
          xmlns:org="http://midpoint.evolveum.com/xml/ns/public/common/org-3"
          xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"
          xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
          oid="86437f3a-661a-4135-876a-233b67256bf0"
          version="5">

   <name>Slack</name>
   <description>Slack Accounts</description>

   <metadata>
      <modifyTimestamp>2017-09-29T10:27:59.189Z</modifyTimestamp>
      <modifierRef xmlns:tns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
                   oid="4f46545a-b0e6-4ddd-a3a2-bf0322389577"
                   relation="org:default"
                   type="tns:UserType"/>
      <modifyChannel>http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#user</modifyChannel>
   </metadata>

   <operationExecution id="1">
      <timestamp>2017-09-28T22:46:26.359Z</timestamp>
      <operation>
         <objectDelta>
            <t:changeType>modify</t:changeType>
            <t:objectType>c:ResourceType</t:objectType>
         </objectDelta>
         <executionResult>
            <operation>com.evolveum.midpoint.model.impl.lens.ChangeExecutor.executeDelta</operation>
            <status>success</status>
            <token>1000000000000027617</token>
         </executionResult>
         <objectName>Slack</objectName>
      </operation>
      <status>success</status>
      <initiatorRef oid="4f46545a-b0e6-4ddd-a3a2-bf0322389577"
                    relation="org:default"
                    type="c:UserType"/>
      <channel>http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#user</channel>
   </operationExecution>

   <operationExecution id="2">
      <timestamp>2017-09-29T10:27:59.227Z</timestamp>
      <operation>
         <objectDelta>
            <t:changeType>modify</t:changeType>
            <t:objectType>c:ResourceType</t:objectType>
         </objectDelta>
         <executionResult>
            <operation>com.evolveum.midpoint.model.impl.lens.ChangeExecutor.executeDelta</operation>
            <status>success</status>
            <token>1000000000000029482</token>
         </executionResult>
         <objectName>Slack</objectName>
      </operation>
      <status>success</status>
      <initiatorRef oid="4f46545a-b0e6-4ddd-a3a2-bf0322389577"
                    relation="org:default"
                    type="c:UserType"/>
      <channel>http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#user</channel>
   </operationExecution>

   <operationalState>
      <lastAvailabilityStatus>broken</lastAvailabilityStatus>
   </operationalState>

   <connectorRef oid="0a71bfb2-a5ad-424f-b45b-cce972d82cbe"
                 relation="org:default"
                 type="c:ConnectorType"/>
   <connectorConfiguration xmlns:icfc="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/connector-schema-3">
<icfc:configurationProperties xmlns:gen935="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/bundle/com.evolveum.polygon.scim.connector-scim/com.evolveum.polygon.scim.ScimConnector">

         <gen935:authentication>Token</gen935:authentication>
         <gen935:token>
            <t:encryptedData>
               <t:encryptionMethod>
                  <t:algorithm>http://www.w3.org/2001/04/xmlenc#aes256-cbc</t:algorithm>
               </t:encryptionMethod>
               <t:keyInfo>
                  <t:keyName>kI2lzKlkkV52NVziiHvxPlzAL6s=</t:keyName>
               </t:keyInfo>
               <t:cipherData>
                  <t:cipherValue>VGQr…mKPC</t:cipherValue>
               </t:cipherData>
            </t:encryptedData>
         </gen935:token>

         <gen935:userName>khazelton</gen935:userName>
         <gen935:password>
            <t:encryptedData>
               <t:encryptionMethod>
                  <t:algorithm>http://www.w3.org/2001/04/xmlenc#aes256-cbc</t:algorithm>
               </t:encryptionMethod>
               <t:keyInfo>
                  <t:keyName>kI2lzKlkkV52NVziiHvxPlzAL6s=</t:keyName>
               </t:keyInfo>
               <t:cipherData>
                  <t:cipherValue>iJt9p…MZA=</t:cipherValue>
               </t:cipherData>
            </t:encryptedData>
         </gen935:password>

         <gen935:endpoint>https://api.slack.com/scim</gen935:endpoint>
         <gen935:version>/v1</gen935:version>
         <gen935:loginURL>https://slack.com/signin</gen935:loginURL>
         <gen935:service>Code</gen935:service>
         <gen935:baseUrl>https://api.slack.com</gen935:baseUrl>

      </icfc:configurationProperties>
   </connectorConfiguration>
</resource>

I’m not sure why the username and password are needed for this connector since the Slack API uses a bearer token security scheme.

       Appreciate any hints on where I’m wrong,    --Keith Hazelton
___________________________________
email & jabber: keith.hazelton at wisc.edu<mailto:keith.hazelton at wisc.edu>
calendar: http://go.wisc.edu/i6zxx0


[https://ipmcdn.avast.com/images/icons/icon-envelope-tick-round-orange-animated-no-repeat-v1.gif]<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient&utm_term=icon>

Virus-free. www.avast.com<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient&utm_term=link>


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20170929/ad54ff21/attachment.htm>


More information about the midPoint mailing list