RSA Archer GRC Application Guide
|
|
- Gyles Townsend
- 6 years ago
- Views:
Transcription
1 RSA Archer GRC Application Guide Version 1.2 vember 2017
2 Contact Information RSA Link at contains a knowledgebase that answers common questions and provides solutions to known problems, product documentation, community discussions, and case management. Trademarks Dell, RSA, the RSA Logo, EMC and other trademarks, are trademarks of Dell Inc. or its subsidiaries. Other trademarks may be trademarks of their respective owners. For a list of RSA trademarks, go to License Agreement This software and the associated documentation are proprietary and confidential to EMC, are furnished under license, and may be used and copied only in accordance with the terms of such license and with the inclusion of the copyright notice below. This software and the documentation, and any copies thereof, may not be provided or otherwise made available to any other person. title to or ownership of the software or documentation or any intellectual property rights thereto is hereby transferred. Any unauthorized use or reproduction of this software and the documentation may be subject to civil and/or criminal liability. This software is subject to change without notice and should not be construed as a commitment by EMC. Third-Party Licenses This product may include software developed by parties other than RSA. The text of the license agreements applicable to third-party software in this product may be viewed on the product documentation page on RSA SecurCare Online. By using this product, a user of this product agrees to be fully bound by terms of the license agreements. te on Encryption Technologies This product may contain encryption technology. Many countries prohibit or restrict the use, import, or export of encryption technologies, and current use, import, and export regulations should be followed when using, importing or exporting this product. Distribution Use, copying, and distribution of any EMC software described in this publication requires an applicable software license. EMC believes the information in this publication is accurate as of its publication date. The information is subject to change without notice. THE INFMATION IN THIS PUBLICATION IS PROVIDED "AS IS." EMC CPATION MAKES NO REPRESENTATIONS WARRANTIES OF ANY KIND WITH RESPECT TO THE INFMATION IN THIS PUBLICATION, AND SPECIFICALLY DISCLAIMS IMPLIED WARRANTIES OF MERCHANTABILITY FITNESS F A PARTICULAR PURPOSE. 2
3 Contents Revision History... 5 Preface... 6 Supported RSA Identity Governance and Lifecycle Version(s)... 6 Supported RSA Archer GRC Version(s)... 6 Audience... 6 What s in this Guide... 6 About Data Collection and Provisioning with RSA Archer GRC... 7 Prerequisites:... 7 Installing required certificates:... 7 Using RSA Archer Application Wizard to Configure Connector and Collectors Creating New RSA Archer GRC Collectors - ADC & EDC (Optional) Creating a New RSA Archer GRC Connector (Optional) General Settings Capabilities Command Input Parameters Login Create an Account Command Code How to configure the output parameter in the Create Account command Delete an Account Command Code Reset an Account Password Command Code Add Account to Group Command Code Remove Account from Group Command Code Enable an Account Command Code Disable an Account Command Code Update an Account
4 Command Code Add Application Role to Account Command Code Remove Application Role from Account Command Code Create a Group Command Code Delete a Group Command Code Update a Group Command Code Add Application Role to a Group Command Code Remove Application Role from a Group Command Code Add a Group to a Group Command Code Remove a Group from a Group Command Code Create a Role Command Code Delete a Role Command Code Update a Role Command Code Tips & Troubleshooting
5 Revision History Revision Number Version 1.0 Version 1.1 Version 1.2 Description RSA Archer GRC Updated Expiration date parameter mapping in account data collector. Updated document with minimum version support. 5
6 Preface This guide provides an overview of the Connector and Collectors for the RSA Archer GRC end point. The guide describes the required configurations, parameters, and mappings of different attributes between the Connector and Collectors and how to use the AppWizard to integrate the RSA Archer GRC application with RSA Identity Governance and Lifecycle. This guide includes use cases and troubleshooting tips. Supported RSA Identity Governance and Lifecycle Version(s) RSA Identity Governance and Lifecycle and later Supported RSA Archer GRC Version(s) 6.2 Audience This guide is intended for the users of RSA Identity Governance and Lifecycle, including security administrators, RSA Archer GRC application owners and system configuration administrators. What s in this Guide About Data Collection and Provisioning with RSA Archer GRC provides an overview of how Connectors and Collectors can help integrate RSA Identity Governance and Lifecycle with RSA Archer GRC. Using RSA Archer GRC Application Wizard to Configure Collectors and Connectors describes how to set up these Connectors and Collectors. Creating a New Archer GRC Connector (Optional) describes how to configure an Archer GRC connector without using the Application Wizard. The Application Wizard is the recommended way to configure the connector. Creating New Archer GRC Collectors - ADC and EDC (Optional) describes how to configure theses collectors without using the Application Wizard. The Application Wizard is the recommended way to configure the collectors. Tips & Troubleshooting lists possible errors and their solutions. It also describes how the Connector uses Login API to generate Session Token. 6
7 About Data Collection and Provisioning with RSA Archer GRC RSA Archer GRC provides IT security risk and compliance features. RSA Archer GRC solutions allow building an efficient, collaborative enterprise governance, risk and compliance (GRC) program across IT, finance, operations and legal domains. With RSA Archer GRC, one can manage risks, demonstrate compliance, automate business processes, and gain visibility into corporate risk and security controls. Integrating RSA Archer GRC with RSA Identity Governance and Lifecycle helps you improve access decisions, reduce the risk of inappropriate access, and better analyze security incidents by providing access to identity context and application entitlement data. RSA Identity Governance and Lifecycle s collector for RSA Archer GRC provides a rich data context about users (such as their access, identity attributes, violations, accounts, etc.) and applications (entitlements, access) from RSA Archer GRC. The RSA Archer GRC Connector helps you govern and provision user access to RSA Archer GRC. You can use the business governance processes within RSA Identity Governance and Lifecycle to request, provision, and de-provision user access to workspaces within RSA Archer GRC. Prerequisites: Installing required certificates: RSA Archer GRC certificate should be added to the appropriate trust-stores. Follow the steps mentioned below for adding certificates to the trust-stores of WebSphere, WebLogic and WildFly application servers. a. WebSphere Application Server: 1. Log in to WebSphere Administrative console ( 2. In left panel, expand Security menu. 3. Click on SSL certificate and then click the key management link. 4. Under Configuration Settings, click the Manage endpoint security configurations link. 5. Select Outbound properties for the appropriate node. 6. Click on appropriate node link to get the properties. 7. Under Related Items, click Key stores and certificates and then click the dedefaulttruststore key store. 8. Under Additional Properties, click Signer certificates and then click Retrieve From Port. 9. In the Host field, enter <host_name>, enter 443 in the Port field, and archer_cert in the Alias field 10. Click Retrieve Signer Information. 11. Verify that the certificate information is for a certificate that you can trust. 12. Click Apply and then click Save. 13. w, create RSA Archer GRC V3 collectors using below mentioned steps for creating the collectors. Even after following all 12 steps mentioned above, if collectors don t work as expected and show SSL certificate issue, the authority certificate must be added in the keystore. 14. w, again go to Key stores and certificates and click the Aveksa Keystore. 7
8 15. Under Additional Properties, click Signer certificates and then click Retrieve From Port. 16. In the Host field, enter authority url, 443 in the Port field, and authority_cert in the Alias field. 17. Click Retrieve Signer Information. 18. Verify that the certificate information is for the certificate that you can trust. 19. Click Apply and then click Save. 20. Login into WebSphere machine using SSH (e.g. putty). 21. On command prompt, run : /home/oracle/afx/afx stop 22. On command prompt, run : /opt/ibm/websphere/appserver/bin/stopserver.sh server1 23. On command prompt, run : /opt/ibm/websphere/appserver/bin/startserver.sh server1 24. On command prompt, run : /home/oracle/afx/afx start b. WebLogic Application Server : 1. Download/retrieve the RSA Archer GRC SSL certificate in PEM format e.g. archer.pem and save them at location /home/oracle. 2. Log in to WebLogic Administrative console. ( 3. Under Domain Configurations, in the Environement section, click Servers link. 4. Click aveksaserver link. 5. Click the SSL tab 6. Click Advanced link 7. Select HostName as Verification = ne. 8. Save the settings. 9. Login into WebLogic machine using SSH (e.g. putty). 10. cd /home/oracle/ 11. Add archer.pem certificate in server.keystore by using keytool : Run : keytool -import -file archer.pem -alias archer -keystore server.keystore Run : keytool -import -file <authority_certificate> -alias <alias> -keystore server.keystore 12. It will ask for keystore password. Default keystore password is Av3k5a15num83r0n3 13. Restart SSL on WebLogic Server as described below: a. Go to Servers > Controls tab. b. Select/check aveksaserver(admin) and then click Restart SSL 14. Restart the server. a. /home/oracle/afx/afx stop b. Run: /home/oracle/wls/ /user_projects/domains/aveksadomain/bin/stopwe blogic.sh c. Run:/home/oracle/wls/ /user_projects/domains/aveksaDomain/bin/star tweblogic.sh d. /home/oracle/afx/afx start c. WildFly Application Server : 1. Download/retrieve the RSA Archer GRC SSL certificate in PEM format e.g. archer.pem and save at some location. 2. cd <$JAVA_HOME>/jre/lib/security. 3. Add certificates in cacerts by using keytool: keytool -import -file archer.pem -alias archer -keystore cacerts 8
9 4. Password for keystore (unless you have made any changes) : changeit 5. Restart the server: a. Run : afx stop b. Run : acm stop c. Run : acm start d. Run : afx start 9
10 Using RSA Archer Application Wizard to Configure Connector and Collectors RSA Identity Governance and Lifecycle provides an Application Wizard which simplifies the process of setting up RSA Archer GRC Connector and Collectors. RSA recommends that you use the Application Wizard to initially set up RSA Archer GRC Connectors and Collectors. If you need to modify these Connectors/Collectors later on, then please refer to next section(s). 1) Log in to RSA Identity Governance and Lifecycle. 2) Go to Resources > Applications and click Create Application. 3) From the list of applications, select RSA Archer GRC. 4) Click Next. 5) The Setup page is there to provide an overview of the RSA Archer endpoint, as well as collector and connector information. w click Next. 6) Fill out the Connect page with information regarding connecting to the RSA Archer GRC endpoint. Application Name Scheme Host Port Admin Name Admin Password Website Name Instance Name Domain Name Paging to fetch data AFX Server Description Any name to identify this application HTTP or HTTPS Host name of the RSA Archer GRC endpoint server Port number of the RSA Archer GRC endpoint server RSA Archer GRC Administrator account name which will be getting used for the provisioning of different entities and collections RSA Archer GRC Administrator password Configured on RSA Archer GRC web server RSA Archer GRC Instance name RSA Archer GRC Domain name Paging size required to fetch data from RSA Archer GRC, by default it is 1000 ( being used for all the Collectors) Select Available AFX server from the drop down list Click Test Connection to check the connectivity to the endpoint from RSA Identity Governance and Lifecycle instance. 7) Click Next. 8) On the Confirm Changes page, confirm all the provided details. If there are any corrections required, click Back to return to previous page.. 9) Click Next. 10) The Change Summary page lists all the components created by this Application Wizard: A new RSA Archer GRC Application that will have Connector and Collectors binding. Custom attribute UserId created for Account Custom attribute GroupId created for Group Custom attribute RoleId created for Application Role Account Collector (ADC) to collect Accounts and Groups. Entitlement Collector (EDC) to collect entitlements of Account. 10
11 AFX Connector o Request Form o Account Template 11) Click Finish to close the Wizard. 11
12 Creating New RSA Archer GRC Collectors - ADC & EDC (Optional) The Application Wizard provides guidance for creating the RSA Archer GRC Collectors. Use this section only if you need to create a new RSA Archer GRC Collector, which can be configured later with some Application. The recommended approach is to use the Application Wizard to get the Application- Collectors-Connector binding and Account template configurations created. Prerequisites RSA Archer GRC Account Data Collectors and Entitlement Data Collectors use REST APIs provided by the RSA Archer end point. Ensure that the RSA Archer GRC endpoint has REST API support enabled and is accessible from the RSA Identity Governance and Lifecycle installed server location. Following attributes will be collected from RSA Archer GRC: Account Attribute AccountName Status GivenName FamilyName UserID Department businessunit LastLoginDate Company Phone Lockedstatus disabledstatus Group GroupName GroupID Role role_id Role_name Description 12
13 Alias updatedate isdefault Adding Additional Attributes (Custom Attributes) Login to RSA Identity Governance and Lifecycle Go to Admin > Attributes Account - Go to "Account" tab and add following attributes if they do not exist: Attribute Name Data Database ID Data Source In Detail In Popup Mandatory <one of available> Collected Yes Yes AccountNam e <one of available> Collected Yes Yes Status <one of available> Collected Yes Yes GivenName <one of available> Collected Yes Yes FamilyName <one of available> Collected Yes Yes UserID <one of available> Collected Yes Yes Yes Department <one of available> Collected Yes Yes BusinessUnit <one of available> Collected Yes Yes LastLoginDat e <one of available> Collected Yes Yes Company <one of available> Collected Yes Yes Phone <one of available> Collected Yes Yes Lockedstatus <one of available> Collected Yes Yes 13
14 Attribute Name Data Database ID Data Source In Detail In Popup Mandatory DisabledStat us <one of available> Collected Yes Yes Group - Go to "Group" tab and add following attributes if they do not exist: Attribute Name Data Database ID Data Source In Detail In Popup Mandatory GroupName <one of available> Collected Yes Yes GroupID <one of available> Collected Yes Yes Yes Role - Go to "Application Role" tab and add following attributes if they do not exist: Attribute Name Data Database ID Data Source In Detail In Popup Mandatory RoleID <one of available> Collected Yes Yes Yes RoleName <one of available> Collected Yes Yes Description <one of available> Collected Yes Yes Alias <one of available> Collected Yes Yes UpdateDate <one of available> Collected Yes Yes Collector Configuration To set up a new instance of the RSA Archer GRC Collectors (ADC/EDC): 1. Login to RSA Identity Governance and Lifecycle. 2. Select the application already created to create ADC or EDC (Resources > Applications). 3. Click the Collectors tab. 4. Click Create Account Collector or Create Entitlement Collector depending on the requirement. 5. Configure the collectors based on your requirements: 14
15 Creating new Account Data Collector (ADC) a. Configure the Collector Description screen with these values: Collector Name RSA Archer GRC Account Data Collector Description RSA Archer GRC s Account Data Collector Data Source RSA Archer GRC Agent AveksaAgent Business Source Application for RSA Archer GRC Status Active Copy from Select Existing RSA Archer GRC Account Collector if you want to use same collector configuration Scheduled Default : b. Click Next. c. Configure the Configuration Information screen referencing these values: Scheme http or https Host < Host or IP on which RSA Archer GRC Instance is running > Port <RSA Archer GRC Server port> Admin Name < Name of the Admin user to login> Admin Password < Password of the admin of the domain registered with RSA Archer 15
16 GRC> Application Name <Application name/website name> Instance Name <Instance Name of the RSA Archer GRC> Domain Name <Domain Name of the RSA Archer GRC> Paging to fetch data <Size of Paging data to be fetched at a time> Default : 1000 d. Click Next. e. Configure the Map Collector Attributes to Account Attributes screen with these values: Last Login Date <Custom attribute to collect Last Login Date> Expiration Date A n-mandatory field. t applicable to the RSA Archer Collector because there is no attribute similar to Expiration Date for accounts provided in the REST API response from RSA Archer. User Id userid f. Click Next. g. Configure the Map Collector Attributes to Account Mapping Attributes screen with these values: User Reference accountname h. Click Next. i. Configure the Map Collector Attributes to Group Attributes screen with these values: Group id groupid 16
17 Owner j. Click Next. k. Configure the Edit User Resolution Rules screen with these values: Target Collector <Cloud IDC> Default: Users User Attribute < Address> Default: UserID l. Click Next. m. Configure the Edit Member Account Resolution Rules screen with these values: Target Collector RSA Archer GRC Account Data Collector Account Attribute UserID n. Click Next. o. Configure the Edit Sub-group Resolution Rules screen with these values, Target Collector RSA Archer GRC Account Data Collector Group Attribute GroupID p. Click Finish to save this Collector. Creating new Entitlement Data Collector a. Configure the Collector Description screen with these values: 17
18 Collector Name RSA Archer GRC Entitlement Data Collector Description RSA Archer GRC s Entitlement Data Collector Business Source Application for RSA Archer GRC Data Source RSA Archer GRC Agent AveksaAgent Status Active Copy from Select Existing RSA Archer GRC Entitlement Collector if you want to use same collector configuration. Scheduled Default : b. Click Next. c. Configure the Configuration Information screen with these values: Scheme http or https Host < Fully qualified IP/hostname> Port <RSA Archer GRC Server port> Admin Name <Admin Username> Admin Password <Admin Password> Application Name < Application/Website name (Found in the RSA Archer control panel -> 18
19 Instance -> Web tab -> BaseUrl field)> Instance Name <RSA Archer GRC instance name> Domain Name <Archer Domian Name> Paging to fetch data <Size of paging data to be fetched at a time (default : 1000)> d. Click Next. e. Configure the Map Collector Attributes to App Role Attributes screen with these values: Role ID role_id of the App Role collected f. Click Next. g. Configure Group Evaluation screen with these values: Associated Collector Archer Account Data Collector Group value evaluates to GroupID h. Click Next. i. Configure Account Evaluation screen with these values: Associated account Collector Archer Account Data Collector Account value evaluates to UserID j. Click Finish to save the Collector. 19
20 Creating a New RSA Archer GRC Connector (Optional) The Application Wizard provides guidance for creating the RSA Archer GRC Connector. Use this section only if you need to create a new RSA Archer GRC Connector, which can be configured later with some Application. The recommended approach is to use the Application Wizard to get the Application- Connector binding and Account template configurations created. te: The created Connector will be in Test mode by default and cannot be used with any application unless it is set to the Active mode. Prerequisites RSA Archer GRC Connector makes use of REST APIs provided by the RSA Archer GRC endpoint. Make sure that the RSA Archer GRC endpoint has REST API support enabled and is accessible from the RSA Identity Governance and Lifecycle installed server location. Connector Configuration Set up a new instance of the RSA Archer GRC Connector: The Connector creation is made up of three sections: General General details about the Connector; such as. the name, type, etc. Settings The connection settings required to connect RSA Identity Governance and Lifecycle with the endpoint application in consideration. Capabilities These are the list of verbs or capabilities that theconnector supports; for example: Create, Update, Delete, etc. To set up a new instance of the RSA Archer GRC connector without using the Application Wizard: 1. Log in to RSA Identity Governance and Lifecycle. 2. From the top menu bar, go to AFX > Connectors. 3. Click Create Connector. 4. Use the reference tables below to configure the connector. General The following describes the Parameters the General page. Parameter Name <Provide Connector instance Name> Description <Provide some description for this Connector instance> 20
21 Server <Select available AFX Server> Connector Template RSA Archer GRC State Test (It can be changed later to Active, once capabilities are tested) Export As Template Name of Connector template te: When you are satisfied your connector is configured properly, change the state to Active. automated provisioning will occur while in the Test state. It is recommended that you test all enabled commands using Test Connector Capabilities prior to changing to the Active state. Settings The following table describes the parameters on the Settings page. Description Scheme HTTP or HTTPS (Scheme to use to access the RESTful web service) In case of using HTTPS, make sure that all the required certificates (Archer server certs as well as all the certs required in chain) are added to the jre s keystore. ( See the Troubleshooting and Tips section for information about keystore settings.) Host <Fully qualified RSA Archer Server Hostname/IP> Port <Port number to access Archer server rest services> Admin Username <Username for authentication> Admin Password <Password for authentication> Application Name <Application/Website name> Can be found in the RSA Archer GRC control panel > Instance > Web tab> BaseUrl field 21
22 Instance Name <RSA Archer GRC Instance Name> Domain Name <RSA Archer GRC Domain Name> Follow redirects (GET requests only) <If checked and the RESTful web service call is a GET, redirects will be followed> Response timeout (in milliseconds) <The number of milliseconds to wait for a response> (default is 10000) Asynchronous callback? If checked, after a successful response from the web service, AFX will wait for a callback Proxy Host <Hostname of the proxy server> Proxy Port <Port of the proxy server> Default : 0 Proxy User Name <User name for the proxy server> Proxy Password <Password for the proxy server> Capabilities The following capabilities are supported for the RSA Archer GRC Connector: Category Command Login Account Login Create an Account Delete an Account Reset an Account Password Add Account to Group Remove Account from Group Enable an Account Disable an Account Update an Account Add Application Role to Account 22
23 Group Role Remove Application Role from Account Create a Group Delete a Group Update a Group Add Application Role to a Group Remove Application Role from a Group Add a Group to a Group Remove a Group from a Group Create a Role Delete a Role Update a Role Command Input Parameters Login Path ${Settings.Application}/api/core/security/login Encode Path Check if path encoding required Default- unchecked(false) Method POST Request Headers Content-:application/json Request body {"UserDomain":"","Password":"${Settings.Password}","Username":"${Settings.Username}", "InstanceName":"${Settings.Instance}"} Status Code Expression :JsonPath Expression:IsSuccessful Pattern/Replacement 1. true/0 2. false/1 23
24 Partial Match: unchecked for both Expression : statuscode Expression: Pattern/Replacement 1. ^[23]\d{2}$/0 2. ^([45])\d{2}$/$1 Partial Match: unchecked for both Brief Response Expression : JsonPath Expression: ValidationMessages[0]/MessageKey Expression :statuscode Detailed Response Expression : JsonPath Expression: ValidationMessages[0]/MessageKey Expression : statuscode Expression :JsonPath Expression: RequestedObject/ te: input parameters should be configured, use parameters from Settings page as ${Settings.paramName} if required in request body. Create an Account FirstName 24
25 Default Is the parameter required? Yes Is the parameter encrypted? First Name Mapping ${User.First_Name} Account First Name LastName Default Is the parameter required? Yes Is the parameter encrypted? Last Name Mapping ${User.Last_Name} Account Last Name 25
26 Password Default Is the parameter required? Yes Is the parameter encrypted? Yes Password Mapping ${AccountTemplate.Password} Account Password Default Is the parameter required? Is the parameter encrypted? Mapping 26
27 UserName Default Is the parameter required? Yes Is the parameter encrypted? Yes UserName Mapping ${User.UserId} Username Command Code Generate Checked(true) te: Have the login command configured Path ${Settings.Application}/api/core/system/user Encode Path Check if path encoding required Default- unchecked(false) 27
28 Method POST Request Headers Content-:application/json Accept:application/json; charset=utf-8 Authorization:Archer session-id= ${} Request body {"User":{"FirstName":"${FirstName}","LastName":"${LastName}", "UserName":"${UserName}"}, "Password":"${Password}"}} te: Can add more parameters to create account, with valid json request. Status Code Expression :JsonPath Expression:IsSuccessful Pattern/Replacement 1. true/0 2. false/1 Partial Match:unchecked for both Expression :statuscode Expression: Pattern/Replacement 1. ^[23]\d{2}$/0 2. ^([45])\d{2}$/$1 Partial Match:unchecked for both Brief Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode Detailed Response Expression :JsonPath 28
29 Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode te : Have StatusCode, BriefResponse, DetailedResponse configured to same Expression ; for example:statuscode/jsonpath How to configure the output parameter in the Create Account command 1. Login to RSA Identity Governance and Lifecycle. 2. From the top menu bar, click AFX > Connectors 3. Click on the RSA Archer GRC Connector for which you want to configure the output parameter. 4. Click Edit. 5. Click the Capabilities tab and then click Create an Account. 6. Under Command Output Parameters, click Add More. 7. Provide AccountId as and select Account.User_Id as Mapping. 8. In AccountId response at the end of the page, select JsonPath as Expression and add RequestedObject/Id as Expression 9. Click OK to save the configurations 29
30 Delete an Account AccountId Number Default Is the parameter required? Yes Is the parameter encrypted? Account Id Mapping ${Account.UserId} Account Id to be deleted Default Is the parameter required? Is the parameter encrypted? Mapping 30
31 Command Code Generate Checked(true) te: Have the login command configured Path ${Settings.Application}/api/core/system/user/${AccountId} Encode Path Check if path encoding required Default- unchecked(false) Method DELETE Request Headers Content-:application/json Accept:application/json; charset=utf-8 Authorization:Archer session-id= ${} Request body Status Code Expression :JsonPath Expression:IsSuccessful Pattern/Replacement 1. true/0 2. false/1 Partial Match:unchecked for both Expression :statuscode Expression: Pattern/Replacement 31
32 1. ^[23]\d{2}$/0 2. ^([45])\d{2}$/$1 Partial Match:unchecked for both Brief Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode Detailed Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode te : Have StatusCode, BriefResponse, DetailedResponse configured to same Expression ; for example: statuscode/jsonpath Reset an Account Password AccountId Number Default Is the parameter required? Yes Is the parameter encrypted? Account Id 32
33 Mapping ${Account.UserId} Id of account who s password is to be reset Default Is the parameter required? Is the parameter encrypted? Mapping Password Default Is the parameter required? Yes 33
34 Is the parameter encrypted? Yes New Password Mapping New Password value Command Code Generate Checked(true) te: Have the login command configured Path ${Settings.Application}/api/core/system/userpassword Encode Path Check if path encoding required Default- unchecked(false) Method PUT Request Headers Content-:application/json Accept:application/json; charset=utf-8 Authorization:Archer session-id= ${} Request body {"UserId":${AccountId},"NewPassword":"${Password}"} Status Code Expression :JsonPath Expression:IsSuccessful Pattern/Replacement 1. true/0 2. false/1 34
35 Partial Match:unchecked for both Expression :statuscode Expression: Pattern/Replacement 1. ^[23]\d{2}$/0 2. ^([45])\d{2}$/$1 Partial Match:unchecked for both Brief Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode Detailed Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode te : Have StatusCode, BriefResponse, DetailedResponse configured to same Expression ; for example: statuscode/jsonpath Add Account to Group AccountId Number Default 35
36 Is the parameter required? Yes Is the parameter encrypted? Account Id Mapping ${Account.UserId} Account Id to be added to group GroupId Number Default Is the parameter required? Yes Is the parameter encrypted? Group Id Mapping ${Group.Group_Id} Group Id where account is to be added 36
37 Default Is the parameter required? Is the parameter encrypted? Mapping Command Code Generate Checked(true) te: Have the login command configured Path ${Settings.Application}/api/core/system/usergroup Encode Path Check if path encoding required Default- unchecked(false) Method PUT Request Headers Content-:application/json Accept:application/json; charset=utf-8 Authorization:Archer session-id= ${} Request body {"UserId":${AccountId},"GroupId":${GroupId},"IsAdd":true} 37
38 Status Code Expression :JsonPath Expression:IsSuccessful Pattern/Replacement 1. true/0 2. false/1 Partial Match:unchecked for both Expression :statuscode Expression: Pattern/Replacement 1. ^[23]\d{2}$/0 2. ^([45])\d{2}$/$1 Partial Match:unchecked for both Brief Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode Detailed Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode te : Have StatusCode, BriefResponse, DetailedResponse configured to same Expression ; for example: statuscode/jsonpath 38
39 Remove Account from Group AccountId Number Default Is the parameter required? Yes Is the parameter encrypted? Account Id Mapping ${Account.UserId} Account Id to be removed from group GroupId Number Default Is the parameter required? Yes Is the parameter encrypted? Group Id 39
40 Mapping ${Group.Group_Id} Group Id where account is to be removed Default Is the parameter required? Is the parameter encrypted? Mapping Command Code Generate Checked(true) te: Have the login command configured Path ${Settings.Application}/api/core/system/usergroup Encode Path Check if path encoding required 40
41 Default- unchecked(false) Method PUT Request Headers Content-:application/json Accept:application/json; charset=utf-8 Authorization:Archer session-id= ${} Request body {"UserId":${AccountId},"GroupId":${GroupId},"IsAdd":false} Status Code Expression :JsonPath Expression:IsSuccessful Pattern/Replacement 1. true/0 2. false/1 Partial Match:unchecked for both Expression :statuscode Expression: Pattern/Replacement 1. ^[23]\d{2}$/0 2. ^([45])\d{2}$/$1 Partial Match:unchecked for both Brief Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode Detailed Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage 41
42 Expression :statuscode te : Have StatusCode, BriefResponse, DetailedResponse configured to same Expression ; for example: statuscode/jsonpath Enable an Account AccountId Number Default Is the parameter required? Yes Is the parameter encrypted? Account Id Mapping ${Account.UserId} Account Id to be enabled Default 42
43 Is the parameter required? Is the parameter encrypted? Mapping Command Code Generate Checked(true) te: Have the login command configured Path ${Settings.Application}/api/core/system/user/status/active/${AccountId} Encode Path Check if path encoding required Default- unchecked(false) Method POST Request Headers Content-:application/json Accept:application/json; charset=utf-8 Authorization:Archer session-id= ${} Request body Status Code Expression :JsonPath Expression:IsSuccessful Pattern/Replacement 1. true/0 43
44 2. false/1 Partial Match:unchecked for both Expression :statuscode Expression: Pattern/Replacement 1. ^[23]\d{2}$/0 2. ^([45])\d{2}$/$1 Partial Match:unchecked for both Brief Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode Detailed Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode te : Have StatusCode, BriefResponse, DetailedResponse configured to same Expression ; for example: statuscode/jsonpath Disable an Account AccountId Number 44
45 Default Is the parameter required? Yes Is the parameter encrypted? Account Id Mapping ${Account.UserId} Account Id to be disabled Default Is the parameter required? Is the parameter encrypted? Mapping Command Code 45
46 Generate Checked(true) te: Have the login command configured Path ${Settings.Application}/api/core/system/user/status/inactive/${AccountId} Encode Path Check if path encoding required Default- unchecked(false) Method POST Request Headers Content-:application/json Accept:application/json; charset=utf-8 Authorization:Archer session-id= ${} Request body Status Code Expression :JsonPath Expression:IsSuccessful Pattern/Replacement 1. true/0 2. false/1 Partial Match:unchecked for both Expression :statuscode Expression: Pattern/Replacement 1. ^[23]\d{2}$/0 2. ^([45])\d{2}$/$1 Partial Match:unchecked for both 46
47 Brief Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode Detailed Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode te : Have StatusCode, BriefResponse, DetailedResponse configured to same Expression ; for example: statuscode/jsonpath Update an Account FirstName Default Is the parameter required? Yes Is the parameter encrypted? First Name Mapping ${User.First_Name} Account First Name 47
48 LastName Default Is the parameter required? Yes Is the parameter encrypted? Last Name Mapping ${User.Last_Name} Account Last Name Password Default Is the parameter required? Yes Is the parameter encrypted? Yes Password Mapping 48
49 Account Password Default Is the parameter required? Is the parameter encrypted? Mapping AccountId Number Default Is the parameter required? Yes Is the parameter encrypted? 49
50 Account Id Mapping ${Account.UserId} Id of account to be updated Command Code Generate Checked(true) te: Have the login command configured Path ${Settings.Application}/api/core/system/user Encode Path Check if path encoding required Default- unchecked(false) Method PUT Request Headers Content-:application/json Accept:application/json; charset=utf-8 Authorization:Archer session-id= ${} Request body {"User":{"Id":${AccountId},"FirstName":"${FirstName}","LastName":"${LastNa me}","username":"${username}","accountstatus":1}} te: Can add more parameters to update account, with valid json request Status Code Expression :JsonPath Expression:IsSuccessful Pattern/Replacement 1. true/0 2. false/1 50
51 Partial Match:unchecked for both Expression :statuscode Expression: Pattern/Replacement 1. ^[23]\d{2}$/0 2. ^([45])\d{2}$/$1 Partial Match:unchecked for both Brief Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode Detailed Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode te : Have StatusCode, BriefResponse, DetailedResponse configured to same Expression ; for example: statuscode/jsonpath Add Application Role to Account AccountId Number Default 51
52 Is the parameter required? Yes Is the parameter encrypted? Account Id Mapping ${Account.UserId} Account Id RoleId Number Default Is the parameter required? Yes Is the parameter encrypted? Role Id Mapping ${ApplicationRole.Role_Id} Role Id 52
53 Default Is the parameter required? Is the parameter encrypted? Mapping Command Code Generate Checked(true) te: Have the login command configured Path ${Settings.Application}/api/core/system/usergroup Encode Path Check if path encoding required Default- unchecked(false) Method PUT Request Headers Content-:application/json Accept:application/json; charset=utf-8 Authorization:Archer session-id= ${} 53
54 Request body {"UserId":${AccountId},"RoleId":${RoleId},"IsAdd":true} Status Code Expression :JsonPath Expression:IsSuccessful Pattern/Replacement 1. true/0 2. false/1 Partial Match:unchecked for both Expression :statuscode Expression: Pattern/Replacement 1. ^[23]\d{2}$/0 2. ^([45])\d{2}$/$1 Partial Match:unchecked for both Brief Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode Detailed Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode te : Have StatusCode, BriefResponse, DetailedResponse configured to same Expression ; for example: statuscode/jsonpath 54
55 Remove Application Role from Account AccountId Number Default Is the parameter required? Yes Is the parameter encrypted? Account Id Mapping ${Account.UserId} Account Id RoleId Number Default Is the parameter required? Yes Is the parameter encrypted? Role Id 55
56 Mapping ${ApplicationRole.Role_Id} Role Id Default Is the parameter required? Is the parameter encrypted? Mapping Command Code Generate Checked(true) te: Have the login command configured Path ${Settings.Application}/api/core/system/usergroup Encode Path Check if path encoding required 56
57 Default- unchecked(false) Method PUT Request Headers Content-:application/json Accept:application/json; charset=utf-8 Authorization:Archer session-id= ${} Request body {"UserId":${AccountId},"RoleId":${RoleId},"IsAdd":false} Status Code Expression :JsonPath Expression:IsSuccessful Pattern/Replacement 1. true/0 2. false/1 Partial Match:unchecked for both Expression :statuscode Expression: Pattern/Replacement 1. ^[23]\d{2}$/0 2. ^([45])\d{2}$/$1 Partial Match:unchecked for both Brief Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode 57
58 Detailed Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode te : Have StatusCode, BriefResponse, DetailedResponse configured to same Expression ; for example: statuscode/jsonpath Create a Group Group Default Is the parameter required? Yes Is the parameter encrypted? Group Name Mapping Group name to be created 58
59 Default Is the parameter required? Is the parameter encrypted? Mapping Command Code Generate Checked(true) te: Have the login command configured Path ${Settings.Application}/api/core/system/group Encode Path Check if path encoding required Default- unchecked(false) Method POST Request Headers Content-:application/json Accept:application/json; charset=utf-8 Authorization:Archer session-id= ${} Request body {"Group":{"Name":"${Group}"}} 59
60 te: Can add more parameters to create account, with valid json request. Status Code Expression :JsonPath Expression:IsSuccessful Pattern/Replacement 1. true/0 2. false/1 Partial Match:unchecked for both Expression :statuscode Expression: Pattern/Replacement 1. ^[23]\d{2}$/0 2. ^([45])\d{2}$/$1 Partial Match:unchecked for both Brief Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode Detailed Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode te : Have StatusCode, BriefResponse, DetailedResponse configured to same Expression ; for example: statuscode/jsonpath 60
61 Delete a Group GroupId Number Default Is the parameter required? Yes Is the parameter encrypted? Group Id Mapping ${Group.Group_Id} Group name to be deleted Default Is the parameter required? Is the parameter encrypted? 61
62 Mapping Command Code Generate Checked(true) te: Have the login command configured Path ${Settings.Application}/api/core/system/group/${GroupId} Encode Path Check if path encoding required Default- unchecked(false) Method DELETE Request Headers Content-:application/json Accept:application/json; charset=utf-8 Authorization:Archer session-id= ${} Request body. Status Code Expression :JsonPath Expression:IsSuccessful Pattern/Replacement 1. true/0 2. false/1 Partial Match:unchecked for both Expression :statuscode 62
63 Expression: Pattern/Replacement 1. ^[23]\d{2}$/0 2. ^([45])\d{2}$/$1 Partial Match:unchecked for both Brief Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode Detailed Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode te : Have StatusCode, BriefResponse, DetailedResponse configured to same Expression ; for example: statuscode/jsonpath Update a Group GroupId Number Default Is the parameter required? Yes Is the parameter encrypted? 63
64 Group Id Mapping ${Group.Group_Id} Group name to be updated Default Is the parameter required? Is the parameter encrypted? Mapping Group Default 64
65 Is the parameter required? Yes Is the parameter encrypted? Group Name Mapping New group name to be updated Command Code Generate Checked(true) te: Have the login command configured Path ${Settings.Application}/api/core/system/group Encode Path Check if path encoding required Default- unchecked(false) Method PUT Request Headers Content-:application/json Accept:application/json; charset=utf-8 Authorization:Archer session-id= ${} Request body {"Group":{"Name":"${Group}","Id":${GroupId}}} te: Can add more parameters to create account, with valid json request. Status Code Expression :JsonPath Expression:IsSuccessful 65
66 Pattern/Replacement 1. true/0 2. false/1 Partial Match:unchecked for both Expression :statuscode Expression: Pattern/Replacement 1. ^[23]\d{2}$/0 2. ^([45])\d{2}$/$1 Partial Match:unchecked for both Brief Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode Detailed Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode te : Have StatusCode, BriefResponse, DetailedResponse configured to same Expression ; for example: statuscode/jsonpath 66
67 Add Application Role to a Group GroupId Number Default Is the parameter required? Yes Is the parameter encrypted? Group Id Mapping ${Group.Group_Id} Group Id RoleId Number Default Is the parameter required? Yes Is the parameter encrypted? Role Id 67
68 Mapping ${ApplicationRole.Role_Id} Role Id Default Is the parameter required? Is the parameter encrypted? Mapping Command Code Generate Checked(true) te: Have the login command configured Path ${Settings.Application}/api/core/system/rolegroup 68
69 Encode Path Check if path encoding required Default- unchecked(false) Method PUT Request Headers Content-:application/json Accept:application/json; charset=utf-8 Authorization:Archer session-id= ${} Request body {"GroupId":${GroupId},"RoleId":${RoleId},"IsAdd":true} Status Code Expression :JsonPath Expression:IsSuccessful Pattern/Replacement 1. true/0 2. false/1 Partial Match:unchecked for both Expression :statuscode Expression: Pattern/Replacement 1. ^[23]\d{2}$/0 2. ^([45])\d{2}$/$1 Partial Match:unchecked for both Brief Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode 69
70 Detailed Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode te : Have StatusCode, BriefResponse, DetailedResponse configured to same Expression ; for example: statuscode/jsonpath Remove Application Role from a Group GroupId Number Default Is the parameter required? Yes Is the parameter encrypted? Group Id Mapping ${Group.Group_Id} Group Id RoleId 70
71 Number Default Is the parameter required? Yes Is the parameter encrypted? Role Id Mapping ${ApplicationRole.Role_Id} Role Id Default Is the parameter required? Is the parameter encrypted? Mapping 71
72 Command Code Generate Checked(true) te: Have the login command configured Path ${Settings.Application}/api/core/system/rolegroup Encode Path Check if path encoding required Default- unchecked(false) Method PUT Request Headers Content-:application/json Accept:application/json; charset=utf-8 Authorization:Archer session-id= ${} Request body {"GroupId":${GroupId},"RoleId":${RoleId},"IsAdd":false} Status Code Expression :JsonPath Expression:IsSuccessful Pattern/Replacement 1. true/0 2. false/1 Partial Match:unchecked for both Expression :statuscode Expression: Pattern/Replacement 1. ^[23]\d{2}$/0 72
73 2. ^([45])\d{2}$/$1 Partial Match:unchecked for both Brief Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode Detailed Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode te : Have StatusCode, BriefResponse, DetailedResponse configured to same Expression ; for example: statuscode/jsonpath Add a Group to a Group GroupId Number Default Is the parameter required? Yes Is the parameter encrypted? Group Id Mapping ${Group.Group_Id} 73
74 Parent group Id SubgroupId Number Default Is the parameter required? Yes Is the parameter encrypted? Sungroup Id Mapping ${Group.Group_Id} Subgroup Id to be added Default Is the parameter required? Is the parameter 74
75 encrypted? Mapping Command Code Generate Checked(true) te: Have the login command configured Path ${Settings.Application}/api/core/system/groupmember Encode Path Check if path encoding required Default- unchecked(false) Method PUT Request Headers Content-:application/json Accept:application/json; charset=utf-8 Authorization:Archer session-id= ${} Request body {"GroupId":${GroupId},"GroupMemberId":${SubgroupId},"IsAdd":true} Status Code Expression :JsonPath Expression:IsSuccessful Pattern/Replacement 1. true/0 2. false/1 75
76 Partial Match:unchecked for both Expression :statuscode Expression: Pattern/Replacement 1. ^[23]\d{2}$/0 2. ^([45])\d{2}$/$1 Partial Match:unchecked for both Brief Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode Detailed Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode te : Have StatusCode, BriefResponse, DetailedResponse configured to same Expression ; for example: statuscode/jsonpath Remove a Group from a Group GroupId Number 76
77 Default Is the parameter required? Yes Is the parameter encrypted? Group Id Mapping ${Group.Group_Id} Parent group Id SubgroupId Number Default Is the parameter required? Yes Is the parameter encrypted? Sungroup Id Mapping ${Group.Group_Id} Subgroup Id to be removed 77
78 Default Is the parameter required? Is the parameter encrypted? Mapping Command Code Generate Checked(true) te: Have the login command configured Path ${Settings.Application}/api/core/system/groupmember Encode Path Check if path encoding required Default- unchecked(false) Method PUT 78
79 Request Headers Content-:application/json Accept:application/json; charset=utf-8 Authorization:Archer session-id= ${} Request body {"GroupId":${GroupId},"GroupMemberId":${SubgroupId},"IsAdd":false} Status Code Expression :JsonPath Expression:IsSuccessful Pattern/Replacement 1. true/0 2. false/1 Partial Match:unchecked for both Expression :statuscode Expression: Pattern/Replacement 1. ^[23]\d{2}$/0 2. ^([45])\d{2}$/$1 Partial Match:unchecked for both Brief Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode Detailed Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode 79
80 te : Have StatusCode, BriefResponse, DetailedResponse configured to same Expression ; for example: statuscode/jsonpath Create a Role Role Default Is the parameter required? Yes Is the parameter encrypted? Role Name Mapping Role name to be created Default 80
81 Is the parameter required? Is the parameter encrypted? Mapping Command Code Generate Checked(true) te: Have the login command configured Path ${Settings.Application}/api/core/system/role Encode Path Check if path encoding required Default- unchecked(false) Method POST Request Headers Content-:application/json Accept:application/json; charset=utf-8 Authorization:Archer session-id= ${} Request body {"AccessRole":{"Name":"${Role}"}} te: Can add more input parameters to create role, with valid json request Status Code Expression :JsonPath 81
82 Expression:IsSuccessful Pattern/Replacement 1. true/0 2. false/1 Partial Match:unchecked for both Expression :statuscode Expression: Pattern/Replacement 1. ^[23]\d{2}$/0 2. ^([45])\d{2}$/$1 Partial Match:unchecked for both Brief Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode Detailed Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode te : Have StatusCode, BriefResponse, DetailedResponse configured to same Expression i.e. statuscode/jsonpath 82
83 Delete a Role RoleId Number Default Is the parameter required? Yes Is the parameter encrypted? Role Id Mapping ${ApplicationRole.Role_Id} Role Id to be deleted Default Is the parameter required? Is the parameter encrypted? 83
84 Mapping Command Code Generate Checked(true) te: Have the login command configured Path ${Settings.Application}/api/core/system/role/${RoleId} Encode Path Check if path encoding required Default- unchecked(false) Method DELETE Request Headers Content-:application/json Accept:application/json; charset=utf-8 Authorization:Archer session-id= ${} Request body Status Code Expression :JsonPath Expression:IsSuccessful Pattern/Replacement 1. true/0 2. false/1 Partial Match:unchecked for both 84
85 Expression :statuscode Expression: Pattern/Replacement 1. ^[23]\d{2}$/0 2. ^([45])\d{2}$/$1 Partial Match:unchecked for both Brief Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode Detailed Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode te : Have StatusCode, BriefResponse, DetailedResponse configured to same Expression i.e. statuscode/jsonpath Update a Role RoleId Number Default Is the parameter required? Yes 85
86 Is the parameter encrypted? Role Id Mapping ${ApplicationRole.Role_Id} Role Id to be updated Default Is the parameter required? Is the parameter encrypted? Mapping Role 86
87 Default Is the parameter required? Yes Is the parameter encrypted? Role Name Mapping ${ApplicationRole.Name} Role name to be updated Alias Default Is the parameter required? Yes Is the parameter encrypted? Role Alias Mapping 87
88 New alias name of role to be updated Command Code Generate Checked(true) te: Have the login command configured Path ${Settings.Application}/api/core/system/role Encode Path Check if path encoding required Default- unchecked(false) Method PUT Request Headers Content-:application/json Accept:application/json; charset=utf-8 Authorization:Archer session-id= ${} Request body {"AccessRole":{"Name":"${Role}","Id":${RoleId},"Alias":"${Alias}"}} te: Can add more input parameters to update role, with valid json request Status Code Expression :JsonPath Expression:IsSuccessful Pattern/Replacement 1. true/0 2. false/1 Partial Match:unchecked for both Expression :statuscode Expression: 88
89 Pattern/Replacement 1. ^[23]\d{2}$/0 2. ^([45])\d{2}$/$1 Partial Match:unchecked for both Brief Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode Detailed Response Expression :JsonPath Expression: ValidationMessages[0]/ResourcedMessage Expression :statuscode te : Have StatusCode, BriefResponse, DetailedResponse configured to same Expression ; for example: statuscode/jsonpath Known Limitations of RSA Archer GRC connector: 1. Enabling/Disabling an already enabled/disabled account passes. e.g. If an account is enabled and you again try to enable it, the capability passes successfully; same is applicable for disable account. 2. Adding approletoaccount/group already added passes. e.g. If an account/group is given access to some role, and you again perform the operation on same account/group for same role it passes successfully. 3. Removing approlefromaccount/group which does not have that account/group passes. e.g. An account/group not having access to some role, and you perform the operation to remove role it passes successfully. 89
90 Tips & Troubleshooting RSA Archer GRC is an application which runs on Windows IIS server. Inside an RSA Archer GRC instance, you can create multiple applications with different names. When providing the URL for the Connector and Collector, use the application name hosted on the IIS server. In the REST commands, always use the Instance name which is configured in the RSA Archer GRC application. Below are the possible RSA Archer GRC REST API error responses with error code. This table can be used to troubleshoot issues related to the endpoint while using the Connector and Collectors. In the case of Connectors, these errors can be observed in Server log files AFX/mule/logs/mule.AFX-CONN-<ConnectorName>.log. Expected Condition HTTP Response Code Meaning Example The business process succeeded or failed in an expected way 200 Success Request for non-existent user A system process failed (at a deeper level than the business process) 400 bad request A deserialization exception is thrown Invalid session 401 Unauthorized Invalid or incorrect session token in request header User requests resource to which they do not have permission 403 Forbidden The user requests a user but does not have read access to the module User attempts to POST content using the PUT uri or vice versa 403 Forbidden The user attempts to save changes to an existing group record using the POST uri on the group controller route matching the requested 404 t Found The user requested a URI that has no corresponding route to 90
91 URI is round map it to a controller OData query too large (default 1024) 413 HTTP Request Too Large OData query string exceeds configured limit More about OData usages by RSA Archer GRC REST API: (Refer for more information) REST API Responses, i.e. Results, can be limited and organized in several different ways by the caller. The user can control the number of results found (filtering), the number of columns in each row returned (projection), and several other aspects of result sets. OData queries are normally passed on the request URI in a query string. Due to the security issues, this will not be a supported use of OData for Archer API. OData queries must be passed in the request body. $top, $skip, $filter, $orderby, $select are fully supported for retrieving Users, Groups and Roles. These filters are being used by the RSA Identity Governance and Lifecycle collector for RSA Archer GRC. POST: Request Headers: Accept:application/json,text/html,application/xhtml+xml,application/xml;q=.9,*/*;q=0.8 Authorization: Archer session-id="session token ID from login" Content-: application/json X-Http-Method-Override: GET Request Body: { :?$filter=contact eq 7 &select= } RSA Archer GRC provides a REST API interface to communicate to its internal entities for collection and modification. To implement Connectors and Collectors for this endpoint, RSA Identity Governance and Lifecycle must have the REST API support enabled. In addition to this, RSA Archer GRC should be accessible from the location where RSA Identity Governance and Lifecycle server (ACM and AFX) is running. To verify whether RSA Archer GRC is accessible and REST API support is enabled, make use of any REST Client and try the command below (replace credentials and other artifacts shown in the example with real values). Request: POST Request Header: Request Body: Accept: application/json,text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Content-: application/json 91
92 {"InstanceName":"Archer","Username":"ArcherAdmin","UserDomain":"","Password":"Archer123!"} Check the response - it should be something similar to the response below. Expected response: IsSuccessful=True Links RequestedObject Context=0 InstanceName=Archer =B6542A941EA367EBB2DE214E1621A42B Translate=False UserConfig Login capability creates an RSA Archer GRC session using the specified credentials on the specified instance. The API request will return a serialized representation of a SessionContext object, known as a in this Connector. Refer to the section below to find out more about how the is used for the Connectors and their configurations. Additional information regarding Connector s Login capability and Session Token: te: This section provides additional information about the Login capability. configuration changes need to be made by the end user. All of the described configurations are set by default when the Connector is created. To communicate to the RSA Archer GRC instance, you need a Session Token, which is returned by its POST request This Session Token has approximately 30 seconds validity. You must regenerate the Session Token before every Capability execution. To get this Session Token before any capability execution, RSA Identity Governance and Lifecycle Connector for RSA Archer GRC executes its Login capability implicitly when Generate Session Token check box is checked for each capability. (By default this is checked when the Connector is created.) 92
93 This Login capability is responsible for generating a new and passing it to all the capabilities (Applicable only to this RSA Archer GRC Connector template). By default, there is an output parameter configured and named as. This is a Read-Only parameter and you should not change these settings. te that, the Mapping field of this output parameter should be blank. This Output parameter is configured to parse the response from the Login Post request and get the token from the JSON path RequestedObject/. java.net.unknownhostexception can occur for the following reasons: host name is wrong, RSA Archer endpoint is not accessible from the RSA Identity Governance and Lifecycle host, no network connectivity is available, etc. To verify the host name, you can use the command: ping <host name/ip> How to configure the output parameter in the Create Account command 10. Login to RSA Identity Governance and Lifecycle. 11. From the top menu bar, click AFX > Connectors 12. Click on the RSA Archer GRC Connector for which you want to configure the output parameter. 13. Click Edit. 14. Click the Capabilities tab and then click Create an Account. 15. Under Command Output Parameters, click Add More. 16. Provide AccountId as and select Account.User_Id as Mapping. 93
94 17. In AccountId response at the end of the page, select JsonPath as Expression and add RequestedObject/Id as Expression 18. Click OK to save the configurations RSA Archer GRC supports SSL configuration and allows communication over HTTPS protocol. To use secure communication, make sure that the default trust-store has RSA Archer GRC Server certificates added. If the chaining of certificate is required to reach the RSA Archer GRC endpoint from the RSA Identity Governance and Lifecycle instance, ensure that default trust-store has all the required network certificates as well. If the valid certificates are not in the proper keystore, SSLHandshakeException can be observed: javax.net.ssl.sslhandshakeexception: sun.security.validator.validatorexception: PKIX path building failed: sun.security.provider.certpath.suncertpathbuilderexception: unable to find valid certification path to requested target 94
RSA Identity Governance and Lifecycle Connector Data Sheet for OpenLDAP
Connector Data Sheet for OpenLDAP Version 1.2 vember 2017 Table of Contents Purpose... 4 Supported Software... 4 Prerequisites... 4 SSL communication... 4 Manage Endpoint Credentials Using a Password Vault...
More informationRSA Identity Governance and Lifecycle Connector Data Sheet for Oracle Internet Directory
Connector Data Sheet for Oracle Internet Directory Version 1.2 vember 2017 Oracle Internet Directory Connector Datasheet Table of Contents Purpose... 4 Supported Software... 4 Prerequisites... 4 CONFIGURATION...
More informationRSA Identity Governance and Lifecycle Data Sheet for IBM Tivoli Directory Server Connector
RSA Identity Governance and Lifecycle Data Sheet for IBM Tivoli Directory Server Connector Version 1.1 March 2017 Contents PURPOSE... 4 SUPPO RTED SOFTWARE... 4 PREREQUISITES... 4 CONFIGURATION... 6 General...
More informationLieberman Software Rapid Enterprise Defense Identity Management Application Guide
Lieberman Software Rapid Enterprise Defense Identity Management Application Guide Contact Information RSA Link at https://community.rsa.com contains a knowledgebase that answers common questions and provides
More informationRSA Identity Governance and Lifecycle Collector Data Sheet For IBM Tivoli Directory Server
RSA Identity Governance and Lifecycle Collector Data Sheet For IBM Tivoli Directory Server Version 1.2 June 2017 1 Contact Information RSA Link at https://community.rsa.com contains a knowledgebase that
More informationRSA Identity Governance and Lifecycle Generic SOAP Web Service Connector Application Guide. Generic SOAP Web Service Connector Application Guide
Generic SOAP Web Service Connector Application Guide Version 1.3 Nov 2017 1 Contents Revision History... 4 Preface... 5 Audience... 5 In This Guide... 5 Configuring SSL client certificate based authentication...
More informationRSA Identity Governance and Lifecycle Collector Data Sheet for Zendesk
RSA Identity Governance and Lifecycle Collector Data Sheet for Zendesk Version 1.1 December 2017 Contents Purpose... 4 Supported Software... 4 Prerequisites... 4 Account Data Collector... 4 Configuration...
More informationRSA Identity Governance and Lifecycle Collector Data Sheet for IBM Notes
RSA Identity Governance and Lifecycle Collector Data Sheet for IBM Notes Version 1.3 Jan 2018 Contents Purpose... 4 Supported Software... 4 Prerequisites... 4 JBoss... 4 WildFly... 4 WebSphere... 5 WebLogic...
More informationRSA Identity Governance and Lifecycle Connector Data Sheet for Ubuntu Linux
RSA Identity Governance and Lifecycle Connector Data Sheet for Ubuntu Linux Version 1.1 October 2017 1 Table of Contents Purpose... 4 Supported Software... 4 Prerequisites... 5 Configuration... 5 General...
More informationRSA Identity Governance and Lifecycle Connector Data Sheet for Debian Linux
RSA Identity Governance and Lifecycle Connector Data Sheet for Debian Linux Version 1.1 October 2017 Table of Contents Purpose... 4 Supported Software... 4 Prerequisites... 4 Configuration... 5 General...
More informationRSA Identity Governance and Lifecycle Connector Data Sheet for SQL Server
RSA Identity Governance and Lifecycle Connector Data Sheet for SQL Server 1 Contents PURPOSE... 3 SUPPORTED SOFTWARE... 3 PREREQUISITES... 3 MANAGE ENDPOINT CREDENTIALS USING A PASSWORD VAULT... 4 CONFIGURATION...
More informationRSA Identity Governance and Lifecycle Connector Data Sheet for IBM Tivoli Identity Manager 5.1
Connector Data Sheet for IBM Tivoli Identity Manager 5.1 Version 1.1 October 2017 Connector Data Sheet for ITIM 5.1 Table of Contents Revision History 3 Purpose 4 Supported Software 4 Prerequisites 4 Configuration
More informationRSA Via L&G Collector Data Sheet for Oracle Identity Manager (OIM) Version (Release 1)
RSA Via L&G Collector Data Sheet for Oracle Identity Manager (OIM) Version 11.1.1.3.0 (Release 1) Table of Contents Supported Software... 3 Identity Data Collector... 4 Prerequisites... 4 Configuration...
More informationSafeNet Authentication Service
SafeNet Authentication Service Integration Guide Using SafeNet Authentication Service as an Identity Provider for Tableau Server All information herein is either public information or is the property of
More informationRSA Identity Governance and Lifecycle Microsoft Exchange Connector Application Guide. Microsoft Exchange Connector Application Guide
Microsoft Exchange Connector Application Guide Version 1.2 April 2017 1 License Agreement This software and the associated documentation are proprietary and confidential to EMC, are furnished under license,
More informationRSA Identity Governance and Lifecycle Collector Data Sheet for Workday
RSA Identity Governance and Lifecycle Collector Data Sheet for Workday Version 1.3 January 2018 RSA Identity Governance and Lifecycle Collector Datasheet for Workday Contents Purpose... 4 Supported Software...
More informationTrademarks. License Agreement. Third-Party Licenses. Note on Encryption Technologies. Distribution
Copyright 2017 EMC Corporation. All Rights Reserved. Trademarks RSA, the RSA Logo and EMC are either registered trademarks or trademarks of EMC Corporation in the United States and/or other countries.
More informationSafeNet Authentication Client
SafeNet Authentication Client Integration Guide All information herein is either public information or is the property of and owned solely by Gemalto NV and/or its subsidiaries who shall have and keep
More informationRSA Identity Governance and Lifecycle Collector Data Sheet For Open LDAP
RSA Identity Governance and Lifecycle Collector Data Sheet For Open LDAP Version 1.1 July 2017 Table of Contents RSA Identity Governance and Lifecycle Collector Datasheet for Open LDAP Purpose... 4 Supported
More informationRSA Authentication Manager 7.1 Help Desk Administrator s Guide
RSA Authentication Manager 7.1 Help Desk Administrator s Guide Contact Information Go to the RSA corporate web site for regional Customer Support telephone and fax numbers: www.rsa.com Trademarks RSA,
More informationRSA Authentication Manager 7.1 Administrator s Guide
RSA Authentication Manager 7.1 Administrator s Guide Contact Information Go to the RSA corporate web site for regional Customer Support telephone and fax numbers: www.rsa.com Trademarks RSA and the RSA
More informationCisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco website at
Document Date: May 16, 2017 THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL
More informationPTC Navigate Manage Traces Installation and Configuration Guide PTC Navigate Manage Traces 1.0 with Integrity Lifecycle Manager and Windchill
PTC Navigate Manage Traces Installation and Configuration Guide PTC Navigate Manage Traces 1.0 with Integrity Lifecycle Manager and Windchill Copyright 2016 PTC Inc. and/or Its Subsidiary Companies. All
More informationSafeNet Authentication Client
SafeNet Authentication Client Integration Guide All information herein is either public information or is the property of and owned solely by Gemalto and/or its subsidiaries who shall have and keep the
More informationCRYPTOCard Migration Agent for CRYPTO-MAS
CRYPTOCard Migration Agent for CRYPTO-MAS Version 1.0 2009 CRYPTOCard Corp. All rights reserved. http://www.cryptocard.com Trademarks CRYPTOCard and the CRYPTOCard logo are registered trademarks of CRYPTOCard
More informationCreating and Installing SSL Certificates (for Stealthwatch System v6.10)
Creating and Installing SSL Certificates (for Stealthwatch System v6.10) Copyrights and Trademarks 2017 Cisco Systems, Inc. All rights reserved. NOTICE THE SPECIFICATIONS AND INFORMATION REGARDING THE
More informationInstalling and Configuring VMware Identity Manager Connector (Windows) OCT 2018 VMware Identity Manager VMware Identity Manager 3.
Installing and Configuring VMware Identity Manager Connector 2018.8.1.0 (Windows) OCT 2018 VMware Identity Manager VMware Identity Manager 3.3 You can find the most up-to-date technical documentation on
More informationVMware Identity Manager Connector Installation and Configuration (Legacy Mode)
VMware Identity Manager Connector Installation and Configuration (Legacy Mode) VMware Identity Manager This document supports the version of each product listed and supports all subsequent versions until
More informationHPE Enterprise Integration Module for SAP Solution Manager 7.1
HPE Enterprise Integration Module for SAP Solution Manager 7.1 Software Version: 12.55 User Guide Document Release Date: August 2017 Software Release Date: August 2017 HPE Enterprise Integration Module
More informationHYCU SCOM Management Pack for F5 BIG-IP
USER GUIDE HYCU SCOM Management Pack for F5 BIG-IP Product version: 5.5 Product release date: August 2018 Document edition: First Legal notices Copyright notice 2015-2018 HYCU. All rights reserved. This
More informationNovell Identity Manager
Role Mapping Administrator User Guide AUTHORIZED DOCUMENTATION Novell Identity Manager 1.0 August 28, 2009 www.novell.com Novell Identity Manager Role Mapping Administrator 1.0 User GuideNovell Identity
More informationIntegration Guide. SafeNet Authentication Manager. Using SAM as an Identity Provider for PingFederate
SafeNet Authentication Manager Integration Guide Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document Information
More informationSafeNet Authentication Manager
SafeNet Authentication Manager Integration Guide All information herein is either public information or is the property of and owned solely by Gemalto NV. and/or its subsidiaries who shall have and keep
More informationSafeNet Authentication Service
SafeNet Authentication Service Integration Guide All information herein is either public information or is the property of and owned solely by Gemalto NV. and/or its subsidiaries who shall have and keep
More informationNovell Access Manager
Quick Start AUTHORIZED DOCUMENTATION Novell Access Manager 3.1 SP2 June 11, 2010 www.novell.com Novell Access Manager 3.1 SP2 Quick Start Legal Notices Novell, Inc., makes no representations or warranties
More informationGuide to Deploying VMware Workspace ONE with VMware Identity Manager. SEP 2018 VMware Workspace ONE
Guide to Deploying VMware Workspace ONE with VMware Identity Manager SEP 2018 VMware Workspace ONE You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/
More informationIntegrating AirWatch and VMware Identity Manager
Integrating AirWatch and VMware Identity Manager VMware AirWatch 9.1.1 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a
More informationRSA ACE/Agent 5.0 for PAM Installation and Configuration Guide
RSA ACE/Agent 5.0 for PAM Installation and Configuration Guide Contact Information See our Web sites for regional Customer Support telephone and fax numbers. RSA Security Inc. RSA Security Ireland Limited
More informationRSA Authentication Manager 7.1 Migration Guide
RSA Authentication Manager 7.1 Migration Guide Contact Information See the RSA corporate web site for regional Customer Support telephone and fax numbers: www.rsa.com Trademarks RSA and the RSA logo are
More informationSafeNet Authentication Service
SafeNet Authentication Service Integration Guide Using SafeNet Authentication Service as an Identity Provider for SonicWALL Secure Remote Access All information herein is either public information or is
More informationGuide to Deploying VMware Workspace ONE. VMware Identity Manager VMware AirWatch 9.1
Guide to Deploying VMware Workspace ONE VMware Identity Manager 2.9.1 VMware AirWatch 9.1 Guide to Deploying VMware Workspace ONE You can find the most up-to-date technical documentation on the VMware
More informationIntegration Guide. SafeNet Authentication Client. Using SAC CBA for VMware Horizon 6 Client
SafeNet Authentication Client Integration Guide Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document Information Document
More informationCloudLink Key Management for VMware vcenter Server Configuration Guide
CloudLink Key Management for VMware vcenter Server Dell EMC CloudLink SecureVM Version 6.0, 6.5, and 6.6 H15988.3 January 2018 This contains procedures to create a trusted connection between CloudLink
More informationOracle Utilities Opower Solution Extension Partner SSO
Oracle Utilities Opower Solution Extension Partner SSO Integration Guide E84763-01 Last Updated: Friday, January 05, 2018 Oracle Utilities Opower Solution Extension Partner SSO Integration Guide Copyright
More informationesignlive SAML Administrator's Guide Product Release: 6.5 Date: July 05, 2018 esignlive 8200 Decarie Blvd, Suite 300 Montreal, Quebec H4P 2P5
esignlive SAML Administrator's Guide Product Release: 6.5 Date: July 05, 2018 esignlive 8200 Decarie Blvd, Suite 300 Montreal, Quebec H4P 2P5 Phone: 1-855-MYESIGN Fax: (514) 337-5258 Web: www.esignlive.com
More informationVSP16. Venafi Security Professional 16 Course 04 April 2016
VSP16 Venafi Security Professional 16 Course 04 April 2016 VSP16 Prerequisites Course intended for: IT Professionals who interact with Digital Certificates Also appropriate for: Enterprise Security Officers
More informationSafeNet Authentication Service
SafeNet Authentication Service Integration Guide All information herein is either public information or is the property of and owned solely by Gemalto NV. and/or its subsidiaries who shall have and keep
More informationSafeNet Authentication Manager
SafeNet Authentication Manager Integration Guide Using SafeNet Authentication Manager as an Identity Provider for F5 BIG- IP Access Policy Manager All information herein is either public information or
More informationRSA Authentication Manager 8.0 Security Configuration Guide
RSA Authentication Manager 8.0 Security Configuration Guide Contact Information Go to the RSA corporate website for regional Customer Support telephone and fax numbers: www.emc.com/domains/rsa/index.htm
More informationSSL Configuration Oracle Banking Liquidity Management Release [April] [2017]
SSL Configuration Oracle Banking Liquidity Management Release 12.4.0.0.0 [April] [2017] Table of Contents 1. CONFIGURING SSL ON ORACLE WEBLOGIC... 1-1 1.1 INTRODUCTION... 1-1 1.2 SETTING UP SSL ON ORACLE
More informationIntegration Guide. SafeNet Authentication Manager. Using SAM as an Identity Provider for Tableau Server
SafeNet Authentication Manager Integration Guide Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document Information
More informationSUSE Enterprise Storage Deployment Guide for Veritas NetBackup Using S3
SUSE Enterprise Storage Deployment Guide for Veritas NetBackup Using S3 by Kian Chye Tan December 2017 Guide Deployment Guide SUSE Enterprise Storage Deployment Guide SUSE Enterprise Storage Deployment
More informationSafeNet Authentication Client
SafeNet Authentication Client Integration Guide All information herein is either public information or is the property of and owned solely by Gemalto NV and/or its subsidiaries who shall have and keep
More informationRSA Identity Governance and Lifecycle
RSA Identity Governance and Lifecycle Supplemental Administrative Guidance V7.0.1 Contents Introduction... 3 Intended Audience... 3 References... 3 Evaluated Configuration of the TOE... 4 Installation
More informationHYCU SCOM Management Pack for F5 BIG-IP
USER GUIDE HYCU SCOM Management Pack for F5 BIG-IP Product version: 5.6 Product release date: November 2018 Document edition: First Legal notices Copyright notice 2015-2018 HYCU. All rights reserved. This
More informationSafeNet Authentication Service
SafeNet Authentication Service Push OTP Integration Guide All information herein is either public information or is the property of and owned solely by Gemalto NV. and/or its subsidiaries who shall have
More informationSSL/TLS Certificate Check
Administration Guide Supplemental SSL/TLS Certificate Check for BEMS and Blackberry Work Product Version: 2.5 Updated: 23-Jan-17 2017 BlackBerry Limited. Trademarks, including but not limited to BLACKBERRY,
More informationGuide to Deploying VMware Workspace ONE. DEC 2017 VMware AirWatch 9.2 VMware Identity Manager 3.1
Guide to Deploying VMware Workspace ONE DEC 2017 VMware AirWatch 9.2 VMware Identity Manager 3.1 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/
More informationDell One Identity Quick Connect for Cloud Services 3.6. Administrator Guide
Dell One Identity Quick Connect for Cloud Services 3.6 2014 Dell Inc. ALL RIGHTS RESERVED. This guide contains proprietary information protected by copyright. The software described in this guide is furnished
More informationSafeNet Authentication Service
SafeNet Authentication Service Integration Guide All information herein is either public information or is the property of and owned solely by Gemalto NV. and/or its subsidiaries who shall have and keep
More informationPolicy Manager for IBM WebSphere DataPower 7.2: Configuration Guide
Policy Manager for IBM WebSphere DataPower 7.2: Configuration Guide Policy Manager for IBM WebSphere DataPower Configuration Guide SOAPMDP_Config_7.2.0 Copyright Copyright 2015 SOA Software, Inc. All rights
More informationEntrust Cloud Enterprise. Enrollment Guide
Entrust Cloud Enterprise Enrollment Guide Entrust Cloud Enterprise Enrollment Guide Document issue: 1.0 Copyright 2016 Entrust. All rights reserved. Entrust is a trademark or a registered trademark of
More informationEnterprise Integration Module for SAP Solution Manager 7.2
Enterprise Integration Module for SAP Solution Manager 7.2 Software Version: 12.53-12.55 User Guide Go to HELP CENTER ONLINE http://admhelp.microfocus.com/alm Document Release Date: May 2018 Software Release
More informationINSTALLATION GUIDE Spring 2017
INSTALLATION GUIDE Spring 2017 Copyright and Disclaimer This document, as well as the software described in it, is furnished under license of the Instant Technologies Software Evaluation Agreement and
More informationOracle Fusion Middleware
Oracle Fusion Middleware Administering Web Services 12c (12.1.2) E28131-01 June 2013 Documentation for developers and administrators that describes how to administer Web services. Oracle Fusion Middleware
More informationQuick Install for Avaya Aura Device Services
Quick Install for Avaya Aura Device Services Release 1.0 Issue 2 March 2017 2016-2017 Avaya Inc. All Rights Reserved. Notice While reasonable efforts have been made to ensure that the information in this
More informationFederated Identity Manager Business Gateway Version Configuration Guide GC
Tivoli Federated Identity Manager Business Gateway Version 6.2.1 Configuration Guide GC23-8614-00 Tivoli Federated Identity Manager Business Gateway Version 6.2.1 Configuration Guide GC23-8614-00 Note
More informationSSL Configuration on WebSphere Oracle FLEXCUBE Universal Banking Release [February] [2016]
SSL Configuration on WebSphere Oracle FLEXCUBE Universal Banking Release 12.87.02.0.0 [February] [2016] Table of Contents 1. CONFIGURING SSL ON WEBSPHERE... 1-1 1.1 INTRODUCTION... 1-1 1.2 CERTIFICATES...
More informationSafeNet Authentication Service
SafeNet Authentication Service Integration Guide Using SafeNet Authentication Service as an Identity Provider for RadiantOne Cloud Federation Service (CFS) All information herein is either public information
More informationOracle Cloud Using the Evernote Adapter. Release 17.3
Oracle Cloud Using the Evernote Adapter Release 17.3 E69234-07 September 2017 Oracle Cloud Using the Evernote Adapter, Release 17.3 E69234-07 Copyright 2016, 2017, Oracle and/or its affiliates. All rights
More informationSailPoint IdentityIQ 6.4
RSA Ready Implementation Guide for Administrative Interoperability Partner Information Last Modified: May 13, 2015 Product Information Partner Name SailPoint Web Site www.sailpoint.com Product Name IdentityIQ
More informationOracle Oracle Identity Manager 11g
RSA SecurID Ready Implementation Guide Partner Information Last Modified: August 24, 2014 Product Information Partner Name Web Site Product Name Version & Platform Product Description Oracle www.oracle.com
More informationIntel Unite Solution Version 4.0
Intel Unite Solution Version 4.0 System Broadcast Application Guide Revision 1.0 October 2018 October 2018 Dcoument # XXXX Legal Disclaimers and Copyrights This document contains information on products,
More informationRSA Authentication Manager 6.1 to 8.0 Migration Guide
RSA Authentication Manager 6.1 to 8.0 Migration Guide Contact Information Go to the RSA corporate website for regional Customer Support telephone and fax numbers: www.emc.com/domains/rsa/index.htm Trademarks
More informationSafeNet Authentication Client
SafeNet Authentication Client Integration Guide All information herein is either public information or is the property of and owned solely by Gemalto NV. and/or its subsidiaries who shall have and keep
More informationOracle Cloud Using the Eventbrite Adapter with Oracle Integration
Oracle Cloud Using the Eventbrite Adapter with Oracle Integration E85506-05 January 2019 Oracle Cloud Using the Eventbrite Adapter with Oracle Integration, E85506-05 Copyright 2017, 2019, Oracle and/or
More informationOracle Cloud Using the Microsoft Adapter. Release 17.3
Oracle Cloud Using the Microsoft Email Adapter Release 17.3 E70297-10 December 2017 Oracle Cloud Using the Microsoft Email Adapter, Release 17.3 E70297-10 Copyright 2016, 2017, Oracle and/or its affiliates.
More informationDeploying VMware Identity Manager in the DMZ. JULY 2018 VMware Identity Manager 3.2
Deploying VMware Identity Manager in the DMZ JULY 2018 VMware Identity Manager 3.2 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you have
More informationRSA Identity Governance and Lifecycle Data Sheet for IBM DB2 Database
RSA Identity Governance and Lifecycle Data Sheet for IBM DB2 Database Version 2.1 July 2017 CONTENTS RSA Identity Governance and Lifecycle Data Sheet for IBM DB2 Database... 1 REVISION HISTORY... 3 PURPOSE...
More informationVMware Identity Manager Administration
VMware Identity Manager Administration VMware Identity Manager 2.4 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new
More informationOracle Cloud. Using Oracle Eloqua Adapter Release E
Oracle Cloud Using Oracle Eloqua Adapter Release 12.1.3 E65434-01 August 2015 Oracle Cloud Using Oracle Eloqua Adapter, Release 12.1.3 E65434-01 Copyright 2015, Oracle and/or its affiliates. All rights
More informationSafeNet Authentication Service
SafeNet Authentication Service Integration Guide All information herein is either public information or is the property of and owned solely by Gemalto NV. and/or its subsidiaries who shall have and keep
More informationQuick Install for Avaya Aura Device Services
Quick Install for Avaya Aura Device Services Release 7.1 Issue 1 July 2017 2016-2017 Avaya Inc. All Rights Reserved. Notice While reasonable efforts have been made to ensure that the information in this
More informationSafeNet Authentication Manager
SafeNet Authentication Manager Integration Guide Using RADIUS Protocol for F5 BIG-IP Access Policy Manager All information herein is either public information or is the property of and owned solely by
More informationOracle Insurance Policy Administration Configuration of SAML 1.1 Between OIPA and OIDC
Oracle Insurance Policy Administration Configuration of SAML 1.1 Between OIPA and OIDC Version 10.1.0.0 Documentation Part Number: E55027-01 June, 2014 Copyright 2009, 2014, Oracle and/or its affiliates.
More informationMitel MiContact Center Enterprise WEB APPLICATIONS CONFIGURATION GUIDE. Release 9.2
Mitel MiContact Center Enterprise WEB APPLICATIONS CONFIGURATION GUIDE Release 9.2 NOTICE The information contained in this document is believed to be accurate in all respects but is not warranted by Mitel
More informationThis Readme describes the NetIQ Access Manager 3.1 SP5 release.
NetIQ Access Manager 3.1 SP5 Readme January 2013 This Readme describes the NetIQ Access Manager 3.1 SP5 release. Section 1, What s New, on page 1 Section 2, Upgrading or Migrating to Access Manager 3.1
More informationOracle Fusion Middleware
Oracle Fusion Middleware Using Oracle Eloqua Cloud Adapter Release 12.2.1.3.0 E83336-02 July 2017 Documentation for Oracle Service-Oriented Architecture (SOA) developers that describes how to use the Oracle
More informationIntegration Guide. SafeNet Authentication Manager. Using SAM as an Identity Provider for SonicWALL Secure Remote Access
SafeNet Authentication Manager Integration Guide Using SAM as an Identity Provider for SonicWALL Secure Remote Access Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright
More informationOracle Communications WebRTC Session Controller
Oracle Communications WebRTC Session Controller Security Guide Release 7.0 E40975-01 November 2013 Oracle Communications WebRTC Session Controller Security Guide, Release 7.0 E40975-01 Copyright 2013,
More information<Partner Name> <Partner Product> RSA ARCHER GRC Platform Implementation Guide. Swimlane 2.x
RSA ARCHER GRC Platform Implementation Guide Jeffrey Carlson, RSA Partner Engineering Last Modified: 11/02/2017 Solution Summary The RSA Archer integration allows Swimlane
More informationSafeNet Authentication Client
SafeNet Authentication Client Integration Guide All information herein is either public information or is the property of and owned solely by Gemalto NV. and/or its subsidiaries who shall have and keep
More informationNovatel Wireless SA-2100 Edge MicroServer Installation and Setup Guide. Version [1.0]
Novatel Wireless SA-2100 Edge MicroServer Installation and Setup Guide Version [1.0] Copyright 2015 PTC Inc. and/or Its Subsidiary Companies. All Rights Reserved. User and training guides and related documentation
More informationSiebel REST API Guide. Siebel Innovation Pack 2017, Rev. A November 2017
Siebel REST API Guide Siebel Innovation Pack 2017, Rev. A November 2017 Copyright 2005, 2017 Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under
More informationZENworks Mobile Workspace ios Installation. September 2017
ZENworks Mobile Workspace ios Installation September 2017 Legal Notice For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government rights,
More informationSafeNet Authentication Service
SafeNet Authentication Service Integration Guide All information herein is either public information or is the property of and owned solely by Gemalto NV. and/or its subsidiaries who shall have and keep
More informationOracle Cloud Using the MailChimp Adapter. Release 17.3
Oracle Cloud Using the MailChimp Adapter Release 17.3 E70293-07 September 2017 Oracle Cloud Using the MailChimp Adapter, Release 17.3 E70293-07 Copyright 2016, 2017, Oracle and/or its affiliates. All rights
More informationPeopleFluent OrgPublisher HTML5 Installation and Configuration Guide
July 30, 2017 Document Version Number: 1.0 Copyright 2017, PeopleFluent. All Rights Reserved. Contents Contents Preface...1 Audience... 1 Intent... 1 Before You Begin... 1 Document Revision... 1 Document
More informationZENworks Mobile Workspace Installation Guide. September 2017
ZENworks Mobile Workspace Installation Guide September 2017 Legal Notice For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government rights,
More informationRSA Via L&G Collector Data Sheet for Office365
RSA Via L&G Collector Data Sheet for Office365 Table of Contents Purpose 3 Supported Software 3 Account Data Collector 4 Prerequisites 4 Configuration 5 Configuration Information 5 Limitations/ Requirements
More information