Important
This repository contains the connector and configuration code only. The implementer is responsible to acquire the connection details such as username, password, certificate, etc. You might even need to sign a contract or agreement with the supplier before implementing this connector. Please contact the client's application manager to coordinate the connector requirements.
HelloID-Conn-Prov-Target-BasKMS is a target connector. BasKMS provides a set of REST API's that allow you to programmatically interact with its data. The HelloID connector uses the API endpoints listed in the table below.
Endpoint | Description |
---|---|
/kms/employee/show | Retrieve a single employee by referenceId . |
/kms/employee/create | Create a new employee. |
/kms/employee/update | Update an employee. |
The following lifecycle actions are available:
Action | Description |
---|---|
create.ps1 | PowerShell create lifecycle action |
delete.ps1 | PowerShell delete lifecycle action |
disable.ps1 | PowerShell disable lifecycle action |
enable.ps1 | PowerShell enable lifecycle action |
update.ps1 | PowerShell update lifecycle action |
configuration.json | Default configuration.json |
fieldMapping.json | Default fieldMapping.json |
The correlation configuration is used to specify which properties will be used to match an existing account within BasKMS to a person in HelloID.
To properly setup the correlation:
-
Open the
Correlation
tab. -
Specify the following configuration:
Setting Value Enable correlation True
Person correlation field PersonContext.Person.ExternalId
Account correlation field -
Tip
For more information on correlation, please refer to our correlation documentation pages.
The field mapping can be imported by using the fieldMapping.json file.
The following settings are required to connect to the API.
Setting | Description | Mandatory |
---|---|---|
ClientID | The ClientID to connect to the API | Yes |
ClientSecret | The ClientSecret to connect to the API | Yes |
UserName | The UserName to connect to the API | Yes |
Password | The Password to connect to the API | Yes |
TokenUrl | The URL to retrieve a token | Yes |
BaseUrl | The base URL to the API | Yes |
The referenceId
contains the externalId
of the person. This field is used within the create lifecycle action to determine if an account exists and is part of the JSON payload to the target application.
At this stage, the error handling functionality is still using the default function. This is because the error-handling logic could not be fully tested in all scenarios during the initial development phase.
We recommend that error handling be revisited and thoroughly tested in various edge cases (e.g., invalid data formats, missing required fields, system failures, etc.) once more comprehensive tests can be conducted.
For now, the default behavior will capture basic issues, but it may not provide customized or detailed feedback.
The data returned by KMS also contains the social security number or BSN. Therefore, within the connector, both the output from $correlatedAccount
and $createdAccount
are filtered to only contain the fields specified in the field mapping or $actionContext.Data
with the addition of the id
.
Before final deployment, comprehensive testing is required to validate that all data inputs and outputs are correctly encoded in UTF-8. This will include verifying that special characters and non-Latin scripts are accurately processed and displayed.
How to setup the connector in HelloID. Are special settings required. Like the primary manager settings for a source connector.
Tip
For more information on how to configure a HelloID PowerShell connector, please refer to our documentation pages.
Tip
If you need help, feel free to ask questions on our forum.
The official HelloID documentation can be found at: https://docs.helloid.com/