====== JIP/KAAS Connector ====== This connector can be used to connect to Czech POINT system. Communication is via API which is provided by the end system. ===== Configuration ===== Connector has few settings which need to be configured before you used it. === Host === You want to use one of these url. Test - https://www.test.czechpoint.cz/spravadat/ws/ Production - https://www.czechpoint.cz/spravadat/ws/ === Username === Username for account which will be used for communication with the end system. === Password === Password for account === Subject === Shortcut of subject === Type of objectClass === There are two types of object which are supported in current version of connector. \_\_ACCOUNT\_\_ for users and \_\_GROUP\_\_ for roles If you want connect both types make two systems in IdM, with different configuration. ===== Scheme generation ===== Schema generation is supported by connector. It will generate these schemas: ==__ACCOUNT__== {{:devel:documentation:systems:dev:account.png?600|}} ==__GROUP__== {{:devel:documentation:systems:dev:group.png?600|}} ===== Managed user attributes ===== - titulyPred - firstname - surname - password - email - titulyZa - object-id - loginDisabled ===== Managed role types ===== - Přístup do Agend - Přístup do Czech POINT@office - Přístup do Virtuos - Přístup do informačních systémů - Agendové činnostní role ===== Provisioning ===== For objectClass GROUPS provisioning is not supported because the API doesn't support it. For objectClass ACCOUNT, the connector is supporting these operations: CREATE, UPDATE. Other operation are not supported in the API. Change of first name and last name is possible only if the process of identification(ztotožnění in Czech) was not completed ===== Synchronization ===== For ACCOUNT and GROUPS you need to use Reconciliation, normal synchronization is not supported in current version. ===== Supported operations ===== ^ Object ^ Operations ^ | \_\_ACCOUNT\_\_ | CREATE, UPDATE, READ | | \_\_GROUP\_\_ | READ |