In my previous guide I had mentioned that how to deploy and attach rules in IDN. But there is a big change to this announced.
Client can now directly attach what we call as “Connector Rules” into their IDN tenants without going through the rule review process. Reason behind it
Connector-Executed Rules or Connector Rules are rules that are executed in the IdentityNow virtual appliance, and are usually an extension point of the connector itself. The rules are commonly used for performing complex connector-related functions, and likewise are very specific to only certain connectors. Because these rules execute in the virtual appliance, they do not have access to query the IdentityNow data model, or fetch information from IdentityNow; instead they rely on contextual information sent from IdentityNow. Connector-executed rules may also have managed connections supplied in their contexts in order to support querying end systems or sources. While these managed connections may be used, making additional connections or call-outs is not allowed.
This should make it much easier and faster for clients to upload and modify rules themselves. The rule types allowed are
- Before Creation Rule
- Before Modify Rule
- Before Delete Rule
- After Creation Rule
- After Modify Rule
- After Delete Rule
- Build Map Rule
- JDBC Build Map Rule
- JDBC Provisioning Rule
- SAP Build Map Rule
- SAP HR Provisioning Modify Rule
- Web Services Before Operation Rule
- Web Services After Operation Rule
This is done via REST API Calls.
There are some restrictions in the rule which will auto reject them
Please go and have a full read in our IDN Rule Guide