Skip to Content

Business Requirement:

When an employee is hired in SuccessFactors, a corresponding User should be created in SAP Cloud Identity. And if the User is terminated the corresponding SAP Cloud Identity User should be deactivated.

 

Scenario:

For the employee termination event, the iFlow will follow a similar path for the new hire as well. Instead of creating an account on the SAP Cloud Identity, the process should either delete the account (delete REST method) or disable the account (put REST method). The following direction below will describe a simple approach to leverage the SFSF Intelligent Services event notification.

 

High Level:

  1. Listen to incoming event
  2. Extract SFSF userID
  3. Query SAP Cloud Identity for the userID using SFSF userID as a reference
  4. Call SAP Cloud Identity to disable the account

 

Reference:

 

Steps: High overview

  1. Deploy 2 credential artifacts to the tenant, one is the SFSF credential and the other is the SAP Cloud Identity
    /wp-content/uploads/2016/08/1_1022320.png
  2. Start a new integration project
  3. Add the SFSF WSDL file to the project
    /wp-content/uploads/2016/08/3_1022330.png
  4. Set the inbound “Sender” element authentication to basic since that is currently the only available option for the SFSF Intelligent Services
    /wp-content/uploads/2016/08/4_1022332.png
  5. For the “Sender” element channel, set the protocol to use “SOAP” and bind the SFSF WSDL file then give it an address name
    /wp-content/uploads/2016/08/5_1022339.png
  6. Add a “Content Modifier” after the “Start” message element, use this element to set the header content to conform to the SAP Cloud Identity requirement and extract SFSF UserID from the incoming payload. At this point you can declare other property for usage later during the creation of the iFlow
    /wp-content/uploads/2016/08/6_1022340.png
  7. Add 2 more elements (“Service Call” and “Receiver”) onto the canvas and connect them accordingly
    /wp-content/uploads/2016/08/7_1022341.png
  8. For the “Sender” element channel, set the protocol to use “HTTP” and set the “Adapter Specific” accordingly. Also, set the “Query” parameter to the incoming SFSF UserID
    /wp-content/uploads/2016/08/8_1022345.pngNote: this demo follow the user creation mapping so the “userName” field should contain the SFSF userID
  9. Add “Script” element to the canvas and create a script for it
    /wp-content/uploads/2016/08/9_1022347.png
  10. For the script, analysis the response and extract the SAP Cloud Identity value then set the property value that was declare earlier. Example:

                    def body = message.getBody(String.class);

                    def match = body =~ /P\d{6}/;

                    if (match) {

                                    message.setHeader(“_SCI_response”, “true”);

                                    message.setHeader(“_SCI_UserID”, match[0]);

                    }

                    return message;

    Note: this is just one method of doing it

  11. Add “Router” element to the canvas, set the condition to the router
    /wp-content/uploads/2016/08/11_1022354.png
  12. Add two “Content Modifier” element to the canvas and connect them accordingly
    /wp-content/uploads/2016/08/12_1022355.png
  13. Set the fail “Content Modifier” element body according to the SFSF fail response request
  14. Set the success “Content Modifier” element body for the SAP Cloud Identity update request. Example:

    {

        “schemas”: [

    “urn:ietf:params:scim:api:messages:2.0:User”, “urn:ietf:params:scim:schemas:extension:enterprise:2.0:User”

        ],

                    “id”: “${header._SCI_UserID}”,

                    “active”: false

    }

    Note: for this demo/guide, disabling the account is the goal

  15. Add a “Request-Reply” element to the canvas
  16. Add a “Receiver” element to the canvas and connect it accordingly
    /wp-content/uploads/2016/08/16_1022356.png
  17. Set the “Receiver” channel to use “HTTP” protocol and set the “Adapter Specific” setting as well
    /wp-content/uploads/2016/08/17_1022357.png
  18. Add another “Content Modifier” to the canvas and connect it accordingly
    /wp-content/uploads/2016/08/18_1022358.png
  19. Set the body of the response to the property parameter
    /wp-content/uploads/2016/08/19_1022359.png
  20. Add another “Router” element to the canvas, set the condition to the router
    /wp-content/uploads/2016/08/20_1022360.pngNote: this is just one method of analyzing the result
  21. Finally, add another “Content Modifier” element to the canvas and set the body according to the SFSF success response request
  22. The finally iFlow should be something like this
    /wp-content/uploads/2016/08/22_1022361.png
  23. Now, the service is ready to be trigger from SFSF
To report this post you need to login first.

Be the first to leave a comment

You must be Logged on to comment or reply to a post.

Leave a Reply