The EmpowerID SuccessFactors Connector is an essential integration tool that connects EmpowerID's Identity Management platform with SAP SuccessFactors. This connector is designed to pull user information from SuccessFactors into EmpowerID, ensuring that user identities, roles, and related attributes are consistently reflected within EmpowerID. Using the SCIM 2.0 protocol and the OData protocol for data retrieval, the connector ensures consistent and reliable data synchronization across all connected back-end user directories.
...
The architecture of the EmpowerID SuccessFactors Connector is built around three core components: the EmpowerID Microservice, the EmpowerID Account Store, and the OData Layer. These components facilitate a work together to provide secure, efficient, and reliable integration between EmpowerID and SAP SuccessFactors, ensuring that user data is accurately retrieved, processed, and synchronized.
...
The above architectural flowchart illustrates how these components interact to ensure seamless handle data synchronization and management between EmpowerID and SAP SuccessFactors.
...
The SAP SuccessFactors Microservice is functions as the central processing unit within the connector’s architecture. Deployed on an Azure app service, this microservice retrieves and processes is responsible for retrieving and processing user information from SuccessFactors. The microservice It periodically queries SuccessFactors to pull the latest user data, ensuring that capturing updates to user profiles or organizational roles are accurately captured within EmpowerID. By leveraging The microservice benefits from Azure's cloud infrastructure , the microservice benefits from high for availability, scalability, and integrated security features, ensuring reliable and secure data processing.
SAP SuccessFactors Account Store
The SAP SuccessFactors Account Store is a specialized data repository within the connector architecture, designed to securely store the identity information retrieved from SuccessFactors. The This account store is serves as a central location within EmpowerID where SuccessFactors user data is synchronized and maintained. This setup ensures that the The information pulled from SuccessFactors is readily available for identity management and governance purposes within EmpowerID, enabling allowing organizations to enforce policies and manage access rights based on accurate and up-to-date current user data.
OData Layer
The OData Layer facilitates the retrieval of retrieves user information from SuccessFactors. Positioned between the Azure Tenant and SuccessFactors, this layer utilizes uses the OData protocol to execute queries against the SuccessFactors database. The OData protocol allows enables the connector to efficiently filter, sort, and retrieve specific user data as needed, ensuring that only the relevant information is pulled into EmpowerID. This capability is essential for maintaining process helps maintain an optimized and performant integration, as it minimizes integration by reducing the amount of data processed while and ensuring that all necessary identity information is accurately captured.
Data Inventory and Account Management
The EmpowerID SuccessFactors Connector goes beyond just retrieving and storing data—it systematically inventories and manages user accounts based on the data retrieved from SAP SuccessFactors. Here’s how this process works:
Inventory Objects and Data Retrieval
EmpowerID uses the SCIM 2.0 protocol to connect to initiates SCIM calls to the SAP SuccessFactors microservice, facilitating integration which is responsible for integrating with SuccessFactors. This microservice is responsible for invoking invokes the OData protocol to retrieve user data. The OData layer efficiently queries SuccessFactors, gathering comprehensive user information, including personal details, employment status, and future hires scheduled up to 30 days in advance.
Once the microservice retrieves the user data , it converts it via OData, the OData response is converted into a SCIM response format. This The SCIM response is then sent back returned to EmpowerID, where it the data is processed furtherand inserted as an account object in the EmpowerID Identity and Resource Warehouse.
Inventory Objects and Their Corresponding Components in EmpowerID
Once After the user data is retrieved and processed, EmpowerID catalogs users in SAP SuccessFactors as accounts within its system. The information inserted into EmpowerID as an account object, it is mapped to the corresponding fields in the Account table of the EmpowerID Identity and Resource Warehouse. EmpowerID inventories a comprehensive set of user data, including This process involves cataloging personal and employment details, such as role assignments, job titles, and future hires, up to 30 days in advance.Depending on the configuration of the account storeto ensure that records are maintained accurately.
Object in SuccessFactors | Component in EmpowerID |
|---|---|
User | Account |
Provisioning Person Objects and Lifecycle Management
Once user accounts are inventoried, EmpowerID can automatically provision Person objects from these user accounts. These Person objects are then fully integrated into EmpowerID's Joiner, Mover, and Leaver processes, enabling streamlined management of user lifecycle events. This integration supports efficient handling of user transitions within the organization, from onboarding new hires (Joiner) to managing role and location changes (Mover) to processing terminations (Leaver).
...
Object in SuccessFactors
...
Component in EmpowerID
...
User
...
key to EmpowerID’s lifecycle management processes:
Joiner: Person objects are created for each user account, ensuring they are assigned appropriate roles and access rights.
Mover: When users change roles or locations, their Person objects are updated to reflect new job responsibilities or organizational units.
Leaver: Upon termination, Person objects are deactivated, revoking access rights as required.
Provisioning Person objects from the inventoried accounts enables EmpowerID to manage user transitions efficiently, using the latest data retrieved from SAP SuccessFactors.
Attribute Mapping
EmpowerID maps user attributes from SAP SuccessFactors to the appropriate fields within the EmpowerID system to facilitate seamless data integration. Below is a table that shows the attribute mappings for personal and employment data:
...