Adapter Transformations

Overview

The structure of entity data required by identity management engines may not reflect the available structure of data in the source identity stores.

To put this in terms of Identity Broker - foreign identity management engines might not be able to directly work with the entity schema of a connector.

Adapters can update this schema through a series of transformations to close this gap; transformations are used to modify the entity schema of an adapter. Each transformation can make zero-to-many changes against the base connector schema of the adapter. Each transformation can be qualified under one of the following types:

  • Attribute manipulation transformations allow for the modification of fields in the current adapter schema, such as renaming or generating distinguished names for existing fields
  • Group Membership transformations for the mapping and manipulation of data that can be grouped
  • Offsets and flags for offsetting and setting flags for time and date-based information
  • Relational transformations for mapping information from other connectors to the adapter under a variety of conditions

Transformations are configured and executed sequentially, building on the contribution of the last transformation. Transformations cannot be configured using any fields that have not yet been introduced at the current point in the sequence.

Additionally, transformations have an impact on the Change Detection process, as they introduce additional sources for changes. Refer to the documentation for each transformation for more information.

It is highly recommended that an implementer designs the transformations for their system before attempting to configure transformations for Identity Broker.

In terms of Identity Broker it is important to note that fields introduced as the result of a transformation are read-only from the perspective of the Identity Management engine, in the same manner that database columns that are on the right side of a SQL join statement from the base table are also read-only.

Identity Broker also has the capability to add new types of transformations as they become required. Using these new transformations will be documented in the accompanying guide. It is important to check the standard list of transformations with each new release as new transformations can be added.

Configuring Transformations

After adding an adapter, transformations can be added by clicking on the Transformation Transform Schema button. A list of all available transformations will be displayed. These transformations can either be added to the front of the sequence, or the end.


Once configured, a transformation will display its contribution to the adapter schema.


A number of options become available via a functions menu on a per transformation basis:

  • Configure the transformation - this allows users to update or reconfigure the selected transformation
  • Preview Schema - view the state of the schema up to this point
  • Add Transformation Here - adds a transformation after the selected transformation
  • Move Transformation Up/Down - move the transformation up or down the sequence. Note that this may cause configured fields to become unavailable, and the transformation may require updating.
  • Delete Transformation - deletes the transformation from the sequence.


Built-in Transformations

Is this article helpful for you?