Change Detection

Identity Broker runs an additional process called change detection in order to maintain the current state of delta changes in each connected system. Recent updates are compared for any differences, and any changed entities are flagged as such against the appropriate adapters.

The following operations cause the change detection process to occur:

  • Connector Import All and Import Changes operations
  • Adapter Add, Update and Delete Entities operations

This process enables Identity Broker to always be able to present changes to an identity management engine, regardless of whether or not the connected system supports the exposition of changes itself.

Once the change detection process has completed, any items that have been found to have differences will be added to the changes register. Operations against the adapter should always result in a change being flagged, unless due to an inconsistent state in the identity management solution, an attempt to update an entity with identical data is made (resulting in no differences).

Items in the changes register are periodically processed and adapter entities are updated accordingly, a process called Reflection. See Reflection below for details.

The change detection process can be followed through the Identity Broker logs following any of the above operations. The process of adding items to the changes register is referred to as Changes Register Processing in the logs.

Processing

The change detection process will always attempt to run following any of the above operations. The process involves checking two potential locations for relevant changes.

Adapters will always be checked for changes in their base connector. Any changes here will have a direct effect on the entity in the adapter, and as such any changes here will result in a change being flagged.

Transformations introduce additional fields and cause other connector information to become relevant to adapters. These include:

  • Fields added relationally
  • Base connector fields that have their name modified
  • Items that are due to change in the future, such as positions that have an end date

Refer to the documentation for each transformation for specific information as to how the change detection process is affected.

Reflection

Items in the changes register are periodically removed and processed via reflection. During reflection, the state of adapter entities is re-calculated based on the state of the base connector entity, the adapter transformations and the state of any relational connector entities that are relevant due to relational transformations.

Modifications to or removal of any configured transformations will not automatically trigger reflection against all adapter entities. In order to process adapter entities under the modified transformations, you can manually generate changes for all adapter entities by clicking Generate Changes from the adapter functions menu.

Is this article helpful for you?