The EmpowerID SuccessFactors Connector is a strategic integration tool designed to seamlessly link EmpowerID's Identity Management platform with SAP SuccessFactors, a leading Human Capital Management (HCM) suite. This connector is engineered to facilitate robust and efficient synchronization of user identities, roles, and permissions between the two systems, thereby streamlining HR and IT processes within organizations. Utilizing the SCIM 2.0 protocol for provisioning and the OData protocol for data retrieval, the connector ensures consistent and reliable synchronization of data across all connected back-end user directories.
Architecture Overview
This connector's architecture comprises three core components:
EmpowerID Microservice: Deployed on an Azure app service, this microservice handles the integration logic and processes data between EmpowerID and SuccessFactors.
EmpowerID Account Store: Specifically designed to store and synchronize SuccessFactors identity information, ensuring data consistency and integrity.
OData Layer: Positioned between the Azure Tenant and SuccessFactors, the OData layer facilitates the retrieval of data from SuccessFactors, allowing for efficient querying and manipulation of HR data.
The Azure app service uses a system-assigned managed identity tied to a Microsoft Entra ID application explicitly created for EmpowerID. This setup enables the SuccessFactors microservice to securely access Entra ID-protected services without requiring explicit credentials for authentication. To ensure a high degree of security throughout this interaction, client certificate authentication is employed.
Key Features and Benefits
Standardized Data Retrieval:
OData Protocol: Utilizes OData to retrieve data from SuccessFactors, ensuring standardized querying and manipulation of HR data.
Efficiency: The OData protocol supports filtering, sorting, paging, and other query operations, allowing for efficient data handling.
Provisioning and Synchronization:
SCIM 2.0 Protocol: Facilitates the provisioning of EmpowerID Persons and sustains data synchronization across connected directories.
Real-time Updates: Ensures that changes in SuccessFactors are promptly reflected in EmpowerID, maintaining data consistency.
Secure Integration:
Managed Identity: Uses a system-assigned managed identity to securely access Entra ID-protected services.
Client Certificate Authentication: Enhances security by employing client certificate authentication for all interactions.
Seamless HR and IT Processes:
Unified Management: Streamlines the management of user identities, roles, and permissions across HR and IT systems.
Improved Efficiency: Reduces manual intervention and automates synchronization tasks, leading to more efficient HR and IT operations.
Inventory Objects and their corresponding components in EmpowerID
Connects to the SuccessFactors API and retrieves Employee data.
Object in SuccessFactors | Component in EmpowerID |
|---|---|
Employee | Account |
Attribute Mapping
The table below shows the attribute mappings of SAP SuccessFactors users to EmpowerID.
Personal Data
SuccessFactors Attribute | SCIM Attribute | EmpowerID Person Attribute |
|---|---|---|
personalInfoNav.FirstName | name.givenName | FirstName |
personalInfoNav.LastName | name.familyName | LastName |
personalInfoNav.MiddleName | name.middleName | MiddleName |
personalInfoNav.LastName , personalInfoNav.FirstName | displayName | DisplayName |
employee.DateOfBirth | additionalDataExtension.DateOfBirth | DateOfBirth |
personalInfoNav.Gender | additionalDataExtension.Gender | Gender |
homeAddressNavDFLT.Country | addresses.country && user.Country | Country |
homeAddressNavDFLT.ZipCode | address.PostalCode | ZipCode |
homeAddressNavDFLT.State | address.Region && user.State | State |
homeAddressNavDFLT.Address1 | address.StreetAddress | StreetAddress |
homeAddressNavDFLT.City | address.Locality && user.City | City |
homeAddressNavDFLT.StateNav.externalCode | address.Region , user.State | State |
employee.PersonExternalId | user.UserName , User.Id , user.ExternalId | Username , Id , LogonName |
emailNav.Primary | email.IsPrimary | Primary |
emailNav.Value | email.Value | |
PerPhone.PhoneNumber | phoneNumber.Value | HomePhone |
PerPhone.Primary | phoneNumber.isPrimary | |
User.custom01 | enterpriseDataExtension.custom01 | CustomAttribute01 |
Employment Data
SuccessFactors Attribute | SCIM Attribute | EmpowerID Person Attribute |
|---|---|---|
EmploymentNav.JobInfo.Department | enterpriseUserExtension.Department | Department |
EmploymentNav.JobInfo.Division | enterpriseUserExtension.Divsion | Division |
EmploymentNav.JobInfo.SeqNumber | enterpriseUserExtension.EmployeeNumber | EmployeeId |
EmploymentNav.JobInfo.ManagerId | enterpriseUserExtension.Manager.Value | ManagerId |
EmploymentNav.JobInfo.CompanyNav.Name_en_US | enterpriseUserExtension.Organization | |
EmploymentNav.JobInfo.CostCenter | enterpriseUserExtension.CostCenter | CostCenter |
EmploymentNav.JobInfo.StartDate | enterpriseDataExtension.StartDate | ValidFrom |
EmploymentNav.JobInfo.EndDate | enterpriseDataExtension.EndDate | ValidUntil |
EmploymentNav.JobInfo.JobCode | enterpriseDataExtension.JobCode | JobCode |
EmploymentNav.JobInfo.JobTitle | enterpriseDataExtension.JobTitle | JobTitle |
EmploymentNav.JobInfo.CompanyNav.Name_en_US | enterpriseDataExtension.CompanyName | CompanyName |
EmploymentNav.JobInfo.WorkLocation | enterpriseDataExtension.WorkLocation | OfficeLocation |
EmploymentNav.JobInfo.EmployeeStatusNav.Status | enterpriseDataExtension.EmployeeStatus | EmployeeStatus |
EmploymentNav.JobInfo.WorkingDaysPerWeek | enterpriseDataExtension.WorkingDaysPerWeek | CustomAttribute1 |
EmploymentNav.JobInfo.CostCenterNav.CostCenterDescription | enterpriseDataExtension.CostCenterDescription | CostCenterDescription |
EmploymentNav.JobInfo.CompanyNav.Name_en_US | enterpriseDataExtension.CompanyDescription | CompanyDescription |
EmploymentNav.JobInfo.BusinessUnit | enterpriseDataExtension.BusinessUnit | BusinessUnit |
EmploymentNav.JobInfo.IsFulLTimeEmployee | enterpriseDataExtension.IsFullTimeEmployee | IsFulLTimeEmployee |
EmployeeNav.IsContigentWorker | enterpriseDataExtension.IsContigentWorker | IsContigentWorker |
employeeNav.LastDayWorked | enterpriseDataExtension.LastDayWorked | LastDayWorked |
employmentNav.OriginalStartDate | enterpriseDataExtension.OriginalStartDate | OriginalHireDate |
EmploymentNav.JobInfo.WorkingDaysPerWeek | enterpriseDataExtension.WorkingDaysPerWeek |