Professional Documents
Culture Documents
HCM Connector
The following topics are discussed in this document:
Supported Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Administrator Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
Configuration Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Schema Attributes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Account Attributes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Additional Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Additional Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Upgrade Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Supported Features
SailPoint IdentityIQ Oracle Fusion HCM Connector supports the following features:
• Account Management
- Aggregation
- Aggregation of Person descriptive flex attributes
- Provisioning of Person descriptive flex attributes
- Aggregate active/inactive Employees, Contingent, Pending and Non-Workers
Note: Pending and Non-Workers can be aggregated by enabling ‘Include Pending and
Non-Workers’ configuration attribute. For more information, see “Configuration
Parameters” on page 3.
- Refresh Account
- Support for the following sub-resource attributes of the employee:
• Manager_Name
• Job_Name
• Business_Unit_Name
• Department_Name
Note: The above sub-resource attributes would not be aggregated for pending and inactive
users. For more information, see “Support for Additional Schema Attributes” on
page 5.
- Update of following attributes are supported:
• USER_NAME
• WORK_EMAIL
• HOME_TELEPHONE
• WORK_TELEPHONE
• WORK_MOBILE
- Delta Aggregation: Connector uses the following Oracle Fusion HCM feeds for delta aggregation:
Administrator Permissions
Note: If Oracle Fusion HCM Connector is behind a proxy server, see the “Special Java Considerations”
section of the SailPoint IdentityIQ Installation Guide.
1. Navigate to Security Console, search for the Human Capital Management Integration Specialist Job Role
and use Copy Role to create a custom Job role.
2. In the Function Security Policies tab, assign the following policies:
- Use REST Service: Employees
- Use ATOM Feed: Employees Workspace
- Use ATOM Feed: Workforce Structures Workspace
3. In the Data Security Policies section, click Create Data Security Policy to add data security policies to the
role:
• Click Create Data Security Policy and add the following data policy attributes and click OK:
- Name: Select Person
- Database Resource: Person Detail
- Start Date: System date
- Data Set: Select by instance set
- Condition Name: Access the person for the PER_ALL_PEOPLE_F table for people in the Person and
Assignment Security profile
- Actions: Select Person
• Click Create Data Security Policy and add the following data policy attributes and click OK:
- Name: Select Application Reference Territory
- Database Resource: FND_TERRITORIES_B
- Start Date: System date
- Data Set: Select by instance set
- Condition Name: Access the application reference territory for table FND_TERRITORIES_B for
countries in the country security profile
- Actions: Select Application Reference Territory
Confirm that the newly created data policies have been assigned to the application role.
4. On the Summary and Impact Report section, click Save and Close to save the changes.
Configuration Parameters
The following table lists the configuration parameters of SailPoint IdentityIQ Oracle Fusion HCM Connector:
Parameters Description
Base URL* Unique end point URL to connect to Oracle Fusion HCM system through API in
the following format:
https://<host address>
User Name* The name of the user to connect with Oracle Fusion HCM application.
For example,
• username@tenantname.com
• firstname.lastname
Password* The password associated with the specified user.
Page Size Number of records per page. Default: 500
Connection Timeout Provide the timeout value in minutes. Default: 1 minutes
Effective Date Offset Enter the number of days in advance to aggregate future hire and terminations.
For example, if the value is 15, then the Connector would aggregate the workers
15 days in advance of their joining date and if it is future terminations, then the
Connector would aggregate 15 days in advance of their termination date.
Note: SailPoint recommends performing full aggregation if the value of the
‘Effective Date Offset’ parameter is changed.
Past Termination Offset value in days indicates the number of past days to aggregate terminated
Offset employees. Default: 60 days
Include Inactive Aggregates past terminated employees.
Accounts
Include Pending and Aggregates pending and non-workers.
Non-Workers
Note: All the parameters marked with the * sign in the above table are the mandatory
parameters.
Account Attributes
The following table lists the account attributes:
Custom Attributes
• Oracle Fusion HCM Connector supports adding a custom attribute in the schema.
• Oracle Fusion HCM Connector provides support for provisioning of a custom attribute person/employee.
Ensure that you append __c at the end of the custom attribute name. For example, to add TestDescr as a custom
attribute, you must add TestDescr__c.
Additional Information
This section describes the additional information related to the Oracle Fusion HCM Connector.
Upgrade Considerations
To support sub-resource attributes of employee after upgrading IdentityIQ, add the following attributes manually
to application schema:
• Manager_Name
• Job_Name
• Business_Unit_Name
• Department_Name
For more information, see “Support for Additional Schema Attributes” on page 5.