Connector Architecture

In Identity Security Cloud, Sources are a configured instance which communicate with an associated connector in order to read or write to user account or entitlement objects. Connectors are a technical component interface which communicate with a target system via native APIs in order to read or write user account or entitlement objects. Essentially, sources communicate with connectors.

From a connector anatomical perspective, connectors are made up of 3 components:

  1. The user interface is a set of forms which an administrator interfaces with to configure a source.

  2. The source configuration is based on a configuration template and contains all the information necessary to run the connector for the instance of that source.

  3. The connector is the actual technical component(s) which take the configurations and apply them to the connector itself. The connector performs operations such as:

    • account read or aggregation

    • account creation, modification, or deletion

    • other provisioning activity

So in Identity Security Cloud's environment, where do these artifacts live? First, it is important to understand the overall architecture of where various components live.

In Identity Security Cloud, there are components which are stored in the cloud itself, however there is an on-premise cloud connector gateway which is deployed as part of the SailPoint-managed Virtual Appliance, or VA. The connectors run from the VA and communicate with the target system(s) which can be on your internal network, or back out to the cloud.

Now that we understand the overall architecture of Identity Security Cloud, we can easily disseminate which components are deployed where, and how they will be configured.

  1. User Interface Forms

    • XML configuration

    • Deployed in the Identity Security Cloud cloud

  2. Source Configuration Template

    • XML configuration

    • Deployed in the Identity Security Cloud cloud

  3. Custom Connector

    • Compiled Java JAR package

    • Deployed in the Identity Security Cloud Virtual Appliance

These will be used as a basis for the components which will be built in this guide.