As in the screenshot below, in FR IDC, only a handful of connectors can be created from scratch using the IDM native UI.
For other connectors, it is possible to use one of the sample configurations, copy it to the IDM project directory and then they become visible in the UI. This is not possible in FR IDC, as there is no access to file system. IDM documentation covers the steps to create a connector configuration from scratch using REST API, here - https://backstage.forgerock.com/docs/idm/7/connector-reference/connector-wiz-REST.html
The last step in the process is to "... save that configuration in a file named provisioner.openicf-name.json (where name corresponds to the name of the connector) and place it in the conf directory of your project.". This is fine for on-prem deployments or where you have access to the IDM host's file system. Again, as mentioned, in ForgeRock IDC, that is not the case.
This article details the process to create a connector using REST in FR IDC. Everything remains more or less the same, with two exceptions:
- Authn/authz to call IDM REST endpoints (actually not covered in detail here)
- Alternative to the last step in the docs
A set of bash scripts, including one for creating remote RCS based connectors are available here: https://stash.forgerock.org/projects/PROSERV/repos/fidc/browse/utils/scripts
1. Get access token for a user with openidm admin privileges and with
fr:idm:* scope. How to do that programatically or using cli is out of scope of this article and may be covered in a future article. As a quick n' dirty solution, you can grab the Bearer token from the FR IDM platform UI (when logged in as an admin) and use it below.
2. Set an environment variable with the token value. This is optional, but the following steps assume this has been done.
3. Get supported/available connectors
4. Get configuration template for selected/desired connector (in this example, the scripted REST connector)
5. Fill the configuration template returned in the response in 5, with values and submit to get the final configuration.
6. Save the final configuration, returned by 6, in the IDM configuration, giving it a name (instead of saving a file, we make a HTTP PUT request)
That is it! If there were no errors, you should see a connector in the IDM native console.