Connectors¶
Connectors are one of the most essential part of IAM Core, as it is the only way for data to flow into it. There is no way to modify a core object without the information being flown through a sync rule from a connector.
Each connector has its own space for data, where no other connector can touch. This space is called the connector space. One connector does not know about other connectors.
In order to make the sync rules as powerfull as possible, while also providing you as the IAM Admin insight into connector data, changes that have happened, etc. the goal of connectors is that the connector space is as similar to the originating data as possible. This means that if the first name of a person record in the HR system is named given, it should also be named given in that connector's connector space. This way it is much easier to understand what was actually changed in the HR system, and it is up to the sync rules to map the information from given in the connector space to the firstName attribute of a CoreIdentity.
For organizations with multiple source systems, sync rules have join functionality to ensure that certain objects, such as the CoreIdentity of an employee exists only once, even though that employee is registered in multiple HR systems, with multiple part time positions.
Connector types¶
There are a few general types of connectors:
First party connector¶
A first party connector is connector where Fortytwo maintains the integration, such as for Visma Enterprise Plus and Simployer, and you as a customer only provides the required input configuration, such as a username and password, client id and secret, certificate, etc.
After a first party connector is created, it has the state "Created", until the first party connector runtime of the IAM Core picks it up and creates a job for it, after which it becomes "Provisioned".
API based connector¶
An API based connector is a connector where you as the customer can populate data from any system, using our Connector API or our Connector PowerShell Module (Which uses the API...). From a syncrule standpoint, these connectors work as any first party connector. It is only the way the connector space is actually populated that differs from the first party connectors.
Entra ID SCIM connector¶
An Entra ID SCIM connector is a connector where Entra ID can send data about users, in order to populate certain attributes on CoreIdentities, such as EntraObjectId, which is required for users to access most features (used to identity the link between a signed in session and the CoreIdentity).
From a syncrule standpoint, these connectors work as any other connector.