Warning
This script is for the new powershell connector. Make sure to use the mapping and correlation keys like mentioned in this readme. For more information, please read our documentation
Note
This repository contains the connector and configuration code only. The implementer is responsible to acquire the connection details such as username, password, certificate, etc. You might even need to sign a contract or agreement with the supplier before implementing this connector. Please contact the client's application manager to coordinate the connector requirements.
The HelloID-Conn-Prov-Target-KPN-Lisa is a cloud desktop workplace application and provides a set of REST APIs that allow you to programmatically interact with its data. With the connector, you can manage the user's and user's authorizations. Which displays in two permissions references. One manages the groups and one the LicenseProfiles. And in addition, there will be a default WorkspaceProfile added to the account while creating the account.
The following settings are required to connect to the API.
| Setting | Description |
|---|---|
| AADTenantDomain | The windows domain name of your Azure environment, e.g "myazuredomain.onmicrosoft.com" |
| AADTenantID | The Azure Tenant ID of your Azure environment |
| AADAppID | The App ID of the "App registration" in your Azure AD environment. The "App registration" in Azure is the identity with which this HelloID connector will log in your Azure environment to perform all actions |
| Scope | The version of the API that's being used |
| AADAppSecret | The "Client secret" generated by the "App registration" in your Azure AD environment, that serves as a sort of password. |
-
Microsoft AzureAD
-
An App registration in Azure to be used by KPN Lisa.
Note
The HelloID-Conn-Prov-Target-KPNLisa connector is built for PowerShell Core 7. This means the connector can be executed using the cloud HelloID agent.
- When a new user is created in KPN Lisa, a default password is generated automatically by KPN Lisa. That password will also be returned in the response. At this point that password is not send back to HelloID.
This connector tries to catch all the person provisioning actions to the target system, some specialties will me highlighted below.
correlation will match the value of the person field to the account correlation field name in the target system. Both fields need to be selected in the correlation configuration screen.
The Create/Update account performs multiple web calls to creating and modifying the Account. When one of the web calls fails the action will be marked as Failed.
- Create or correlate a account in KPN Lisa
- Set the manager to the account
- Update an account in KPN Lisa
- Update the manager of the account or
- Remove the manager from the account
A User can only have one WorkspaceProfile, so be careful not to add multiple profiles to a user as this will overwrite previously granted profiles. The return will remove whatever workspaceProfile is active at the moment. This can result in unwanted behavior.
The API documentation specifies all fields that can be set to the user. All string and number values can be uses in this connector. See the KPN Lisa Docs for the full list of fields. Boolean values need a modification in the scripts as result of limitations by HelloID.
The connector files include the account life cycle and two separate Permissions definitions.
For help setting up a new target connector, please refer to our documentation
If you need help, feel free to ask questions on our forum
The official HelloID documentation can be found at: https://docs.helloid.com/ Specific info by the provider about the Kpn Lisa api Itself can be found at https://mwpapi.kpnwerkplek.com/index.html