Samples provided with IDM
This section lists the samples provided with IDM (in the openidm/samples
directory), with a high-level overview of each sample.
- Get Started
-
The Getting Started sample shows you how to install and evaluate a basic use case in an IDM deployment.
- Example Configurations
-
In addition to the samples listed here, IDM provides example configuration and data files that you can use to set up your own project. These files are in the
samples/example-configurations
directory. Each file in this directory is documented in the section that corresponds to the purpose of the file. For example, theconf/external.email.json
file is described in Outbound email. - Synchronize Data From a CSV File to IDM
-
The
sync-with-csv
sample demonstrates one-way synchronization from an external resource to an IDM repository. The external resource in this case is a simple CSV file. User objects in that file are synchronized with the managed users in the IDM repository. - One-Way Synchronization From LDAP to IDM
-
The
sync-with-ldap
sample uses the generic LDAP connector to connect to an LDAP directory. The sample includes one mapping from the LDAP directory to the managed user repository, and demonstrates reconciliation from the external resource to the repository. - Two-Way Synchronization Between LDAP and IDM
-
The
sync-with-ldap-bidirectional
sample uses the generic LDAP connector to connect to an LDAP directory. The sample includes two mappings: one from the LDAP directory to the managed user repository, and one in the opposite direction. The sample demonstrates reconciliation from the LDAP directory to the repository and implicit synchronization from the managed user repository to the LDAP directory. - Synchronize LDAP Groups
-
The
sync-with-ldap-groups
sample uses the generic LDAP connector to connect to an LDAP directory. The sample builds on thesync-with-ldap-bidirectional
sample by providing an additional mapping, from the LDAP groups object, to the managed groups object. The sample illustrates a new managed object type (groups) and shows how this object type is synchronized with group containers in LDAP. - Synchronize LDAP Group Membership
-
The
sync-with-ldap-group-membership
sample uses the generic LDAP connector to connect to an LDAP directory. The sample includes two mappings, one from the LDAP directory to the managed user repository, and one from the repository to the LDAP directory. The sample demonstrates synchronization of group membership; that is, how the value of theldapGroups
property in a managed user object is mapped to the corresponding user object in LDAP. - Synchronize Data Between Two External Resources
-
The
sync-two-external-resources
sample demonstrates synchronization between two external resources, routed through IDM. The resources are namedLDAP
andAD
, and represent two separate LDAP directories. In the sample both resources are simulated with simple CSV files. - Asynchronous Reconciliation Using Workflow
-
The
sync-asynchronous
sample shows how you can use workflows to launch an asynchronous reconciliation operation. - LiveSync With an LDAP Server
-
The
livesync-with-ad
sample shows the liveSync mechanism that pushes changes from an external resource to the IDM repository. The sample uses an LDAP connector to connect to an LDAP directory, either PingDS (DS) or Active Directory. - Synchronize Accounts With the Google Apps Connector
-
The
sync-with-google
sample uses the Google Apps Connector to create users and groups on an external Google system, and to reconcile those accounts with the IDM managed user repository. - Synchronize Users Between Salesforce and IDM
-
The
sync-with-salesforce
sample demonstrates how to create and update users in Salesforce, using the Salesforce Connector. The sample also shows synchronization of users between Salesforce and the IDM managed user repository. - Synchronize Kerberos User Principals
-
The
sync-with-kerberos
sample demonstrates how to use the scripted Kerberos connector to manage Kerberos user principals and to reconcile user principals with IDM managed user objects. - Store Multiple Passwords For Managed Users
-
The
multiple-passwords
sample demonstrates how to set up multiple passwords for managed users, and how to synchronize separate passwords to different external resources. The sample includes two target LDAP servers, each with different password policy and encryption requirements. The sample also shows how to extend the password history policy to apply to multiple password fields. - Link Multiple Accounts to a Single Identity
-
The
multi-account-linking
sample illustrates how IDM addresses links from multiple accounts to one identity. The sample shows how you can create links between a single source account and multiple target accounts, using link qualifiers that enable one-to-many relationships in mappings and policies. - Link Historical Accounts
-
The
historical-account-linking
sample demonstrates the retention of inactive (historical) LDAP accounts that have been linked to a corresponding managed user account. - Connect to DS With ScriptedREST
-
The
scripted-rest-with-dj
sample uses the Groovy Connector Toolkit to implement a ScriptedREST connector that interacts with the DS REST API. - Connect to MySQL With ScriptedSQL
-
The
scripted-sql-with-mysql
sample uses the Groovy Connector Toolkit to implement a ScriptedSQL connector that interacts with an external MySQL database. - Synchronize Users Between IDM and AzureAD
-
The
sync-with-azuread
sample uses the MS Graph API connector to synchronize users between IDM and Azure AD. - Connect to Active Directory With the PowerShell Connector
-
The
scripted-powershell-with-ad
sample uses the MS Active Directory PowerShell module to demonstrate how you can synchronize managed objects with a Microsoft Active Directory deployment. The sample provides a number of PowerShell scripts that let you perform basic CRUD (create, read, update, delete) operations on an Active Directory server. - Provision Users With Roles
-
The
provisioning-with-roles
sample builds on the sample described in One-way synchronization from LDAP to IDM, and demonstrates how attributes are provisioned to an external system (an LDAP directory), based on role membership. - Provision Users With Workflow
-
The
provisioning-with-workflow
sample demonstrates a typical use case of a workflow — provisioning new users. The sample demonstrates the use of the End User UI to let users complete a registration process. - Direct Audit Information To MySQL
-
The
audit-jdbc
sample uses a ScriptedSQL implementation of the Groovy Connector Toolkit to direct audit information to a MySQL database. - Direct Audit Information to a JMS Broker
-
The
audit-jms
sample demonstrates how the JMS audit event handler can publish messages that comply with the Java™ Message Service Specification Final Release 1.1. - Synchronize Data Between MongoDB and IDM
-
The
sync-with-mongodb
sample uses the Groovy Connector Toolkit to implement a scripted connector that interacts with a MongoDB Database. The connector can be used for provisioning MongoDB database users and roles from an IDM managed repository. - Synchronize Data Between HubSpot and IDM
-
The
sync-with-hubspot
sample demonstrates bidirectional synchronization between IDM managed users and HubSpot contacts. - Synchronize Data Between DocuSign and IDM
-
The
sync-with-docusign
sample demonstrates bidirectional synchronization between IDM managed users and DocuSign user accounts. - Synchronize Data Between a SCIM Provider and IDM
-
The
sync-with-scim
sample demonstrates bidirectional synchronization between IDM managed users and roles with corresponding users and roles from a SCIM provider. - Subscribe to JMS Messages
-
The
scripted-jms-subscriber
sample demonstrates the scripted JMS message handler, and how it performs ForgeRock REST operations. - Authenticate Using a Trusted Servlet Filter
-
The
trusted-servlet-filter
sample shows how to use a custom servlet filter and the Trusted Request Attribute authentication module to let IDM authenticate through another service. - Create a Custom Endpoint
-
IDM supports scriptable custom endpoints that let you launch arbitrary scripts through an IDM REST URI. The
example-configurations/custom-endpoint
sample shows how custom endpoints are configured and returns a list of variables available to each method used in a custom endpoint script.