Scribd Logo
Upload

Welcome to Scribd!

  • 8.1.1 SailPoint Oracle Fusion HCM Connector Guide

    Uploaded by

    Al Bundy
    410 views6 pages
    SailPoint Oracle Fusion HCM Connector Guide

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    SailPoint Oracle Fusion HCM Connector Guide

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    410 views6 pages

    8.1.1 SailPoint Oracle Fusion HCM Connector Guide

    Uploaded by

    Al Bundy
    SailPoint Oracle Fusion HCM Connector Guide

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 6

    SailPoint IdentityIQ Oracle Fusion

    HCM Connector
    The following topics are discussed in this document:
    Supported Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
    Administrator Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
    Configuration Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
    Schema Attributes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
    Account Attributes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
    Additional Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
    Additional Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
    Upgrade Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6

    Supported Features
    SailPoint IdentityIQ Oracle Fusion HCM Connector supports the following features:
    • Account Management
    - Aggregation
    - Aggregation of Person descriptive flex attributes
    - Provisioning of Person descriptive flex attributes
    - Aggregate active/inactive Employees, Contingent, Pending and Non-Workers

    Note: Pending and Non-Workers can be aggregated by enabling ‘Include Pending and
    Non-Workers’ configuration attribute. For more information, see “Configuration
    Parameters” on page 3.
    - Refresh Account
    - Support for the following sub-resource attributes of the employee:
    • Manager_Name
    • Job_Name
    • Business_Unit_Name
    • Department_Name
    Note: The above sub-resource attributes would not be aggregated for pending and inactive
    users. For more information, see “Support for Additional Schema Attributes” on
    page 5.
    - Update of following attributes are supported:
    • USER_NAME
    • WORK_EMAIL
    • HOME_TELEPHONE
    • WORK_TELEPHONE
    • WORK_MOBILE
    - Delta Aggregation: Connector uses the following Oracle Fusion HCM feeds for delta aggregation:

    SailPoint Oracle Fusion HCM Connector Guide 1


    • empupdate
    • empassignment
    • termination
    • newhire
    Note: Any changes made in person descriptive fields would not be aggregated in delta
    aggregation.
    The empupdate feed returns changes of employee and contractor. Hence any change done
    on Pending and Non-Worker would not be aggregated in delta aggregation.

    Administrator Permissions
    Note: If Oracle Fusion HCM Connector is behind a proxy server, see the “Special Java Considerations”
    section of the SailPoint IdentityIQ Installation Guide.
    1. Navigate to Security Console, search for the Human Capital Management Integration Specialist Job Role
    and use Copy Role to create a custom Job role.
    2. In the Function Security Policies tab, assign the following policies:
    - Use REST Service: Employees
    - Use ATOM Feed: Employees Workspace
    - Use ATOM Feed: Workforce Structures Workspace
    3. In the Data Security Policies section, click Create Data Security Policy to add data security policies to the
    role:
    • Click Create Data Security Policy and add the following data policy attributes and click OK:
    - Name: Select Person
    - Database Resource: Person Detail
    - Start Date: System date
    - Data Set: Select by instance set
    - Condition Name: Access the person for the PER_ALL_PEOPLE_F table for people in the Person and
    Assignment Security profile
    - Actions: Select Person
    • Click Create Data Security Policy and add the following data policy attributes and click OK:
    - Name: Select Application Reference Territory
    - Database Resource: FND_TERRITORIES_B
    - Start Date: System date
    - Data Set: Select by instance set
    - Condition Name: Access the application reference territory for table FND_TERRITORIES_B for
    countries in the country security profile
    - Actions: Select Application Reference Territory
    Confirm that the newly created data policies have been assigned to the application role.
    4. On the Summary and Impact Report section, click Save and Close to save the changes.

    2 SailPoint Oracle Fusion HCM Connector Guide


    5. Execute the Retrieve Latest LDAP Changes process.
    6. Create a new Data Role from the Manage Data Role and Security Profiles page, which holds only the new
    custom Job role. Add the security policies as needed.
    7. Execute the Retrieve Latest LDAP Changes and Send Pending LDAP Requests processes.
    8. For a new user, assign the new Data Role that has been created.
    9. Re-execute the Retrieve Latest LDAP Changes and Send Pending LDAP Requests processes.

    Configuration Parameters
    The following table lists the configuration parameters of SailPoint IdentityIQ Oracle Fusion HCM Connector:

    Parameters Description
    Base URL* Unique end point URL to connect to Oracle Fusion HCM system through API in
    the following format:

    https://<host address>
    User Name* The name of the user to connect with Oracle Fusion HCM application.

    For example,
    • username@tenantname.com
    • firstname.lastname
    Password* The password associated with the specified user.
    Page Size Number of records per page. Default: 500
    Connection Timeout Provide the timeout value in minutes. Default: 1 minutes
    Effective Date Offset Enter the number of days in advance to aggregate future hire and terminations.
    For example, if the value is 15, then the Connector would aggregate the workers
    15 days in advance of their joining date and if it is future terminations, then the
    Connector would aggregate 15 days in advance of their termination date.
    Note: SailPoint recommends performing full aggregation if the value of the
    ‘Effective Date Offset’ parameter is changed.
    Past Termination Offset value in days indicates the number of past days to aggregate terminated
    Offset employees. Default: 60 days
    Include Inactive Aggregates past terminated employees.
    Accounts
    Include Pending and Aggregates pending and non-workers.
    Non-Workers
    Note: All the parameters marked with the * sign in the above table are the mandatory
    parameters.

    SailPoint Oracle Fusion HCM Connector Guide 3


    Schema Attributes
    This section describes the different schema attributes.

    Account Attributes
    The following table lists the account attributes:

    Attribute Name Description


    PERSON_NUMBER Unique identifier of Person.
    DISPLAY_NAME Person’s display name.
    HOME_EMAIL Person's primary home email.
    USER_NAME User name of Person.
    HOME_TELEPHONE Person's home telephone number.
    REGION Person's region.
    TERMINATION_DATE Person's termination date.
    CITY Person's city.
    WORK_EMAIL Primary work email of person.
    WORKER_TYPE Person type. Employee or Contingent.
    ASSIGNMENT_NAME Person's primary assignment name.
    ASSIGNMENT_POSITION_ID Person's primary assignment position ID.
    ASSIGNMENT_DEPARTMENT_ID Person's primary assignment department ID.
    ASSIGNMENT_MANAGER_ID Person's primary assignment manager ID.
    ASSIGNMENT_LOCATION_ID Person's primary assignment location ID.
    ASSIGNMENT_ACTION_CODE Person's primary assignment's action code that is, HIRE
    ASSIGNMENT_TERMINATION_D Person's primary assignment termination date.
    ATE
    ASSIGNMENT_JOB_ID Person's primary assignment job ID.
    ASSIGNMENT_BUSINESS_UNIT_I Person's primary assignment business unit ID
    D
    ASSIGNMENT_WORKER_CATEG Person's primary assignment worker category.
    ORY
    ASSIGNMENT_MANAGER_TYPE Person's primary assignment’s manager type.
    ASSIGNMENT_EFFECTIVE_START Person's primary assignment effective start date.
    _DATE
    ASSIGNMENT_EFFECTIVE_END_ Person's primary assignment effective end date.
    DATE
    ASSIGNMENT_STATUS Person's primary assignment status.

    4 SailPoint Oracle Fusion HCM Connector Guide


    Attribute Name Description
    LEGAL_ENTITY_ID ID of legal employer's legal entity.
    NATIONAL_ID_TYPE Type of person's national ID.
    NATIONAL_ID Person's national ID.
    NATIONAL_ID_EXPIRATION_DAT Person's national ID expiration date.
    E
    LAST_NAME Last name of the person.
    FIRST_NAME First name of the person.
    ADDRESS_LINE_1 Address line number 1.
    ADDRESS_LINE_2 Address line number 2.
    ADDRESS_LINE_3 Address line number 3.
    HIRE_DATE Person's hire date.
    COUNTRY Person's Country.
    WORK_TELEPHONE Person's telephone number of type work.
    WORK_MOBILE Person's mobile number of type work.
    FUTURE_DATE Person's future hire or termination date.
    FUTURE_ACTION Person's future action.

    Custom Attributes
    • Oracle Fusion HCM Connector supports adding a custom attribute in the schema.
    • Oracle Fusion HCM Connector provides support for provisioning of a custom attribute person/employee.
    Ensure that you append __c at the end of the custom attribute name. For example, to add TestDescr as a custom
    attribute, you must add TestDescr__c.

    Support for Additional Schema Attributes


    The Oracle Fusion HCM Connector provides support for aggregating the sub-resource attributes of employee. For
    this support add the following attributes in the application schema:

    Attribute Name Description


    Manager_Name Name of the manager.
    Job_Name Title of the job.
    Business_Unit_Name Name of the business unit.
    Department_Name Name of the department where the employee is employed.

    Additional Information
    This section describes the additional information related to the Oracle Fusion HCM Connector.

    SailPoint Oracle Fusion HCM Connector Guide 5


    Additional Configuration
    To add additional out of the box standard attributes, user must provide JSON-path in the application debug page
    (with the entry name as attributeMapping) and in the account schema attributes list.
    For example, to fetch Date of Birth of the Person, perform the following:
    1. Add BIRTH_DATE attribute in account schema.
    2. Add JSON Path for BIRTH_DATE attribute in attributeMapping map through application debug page as fol-
    lows:
    <entry key=”BIRTH_DATE” value=” DateOfBirth”/>

    Upgrade Considerations
    To support sub-resource attributes of employee after upgrading IdentityIQ, add the following attributes manually
    to application schema:
    • Manager_Name
    • Job_Name
    • Business_Unit_Name
    • Department_Name
    For more information, see “Support for Additional Schema Attributes” on page 5.

    6 SailPoint Oracle Fusion HCM Connector Guide

    You might also like