Follow this procedure to set up SAP Ariba Category Management as а source system.
Currently, SAP Ariba Category Management connector is only available for selected customers who are approached by SAP.
This system is available for bundle tenants running on SAP Cloud Identity infrastructure and standalone tenants running on SAP Cloud Identity infrastructure and SAP BTP, Neo environment. Bundle tenants running on Neo environment can use it only through SAP Jam Collaboration and SAP Identity Access Governance bundle options.
You have created an instance and generated a service key for the scim service plan of SAP Ariba Category Management. For more information, see Creating a SAP Ariba Category Management SCIM Service Instance in Your Subaccount.
SAP Ariba Category Management is a cloud-based solution that enables organizations to define and manage purchasing categories and provides actionable market intelligence, category insights, and various tools and templates for developing and operationalizing category strategies that drive business value and performance. This business solution is built on SAP Business Technology Platform (BTP). You can use Identity Provisioning to configure SAP Ariba Category Management as a source system where you can read users from and provision them to a target system.
SAP Ariba Category Management does not support groups.
-
Access the Identity Provisioning UI.
-
Sign in to the administration console of SAP Cloud Identity Services and navigate to Identity Provisioning > Source Systems.
-
Add SAP Ariba Category Management as a source system. See: Add New Systems.
-
Choose the Properties tab to configure the connection settings for your system.
If your tenant is running on SAP BTP, Neo environment, you can create a connectivity destination in your subaccount in the SAP BTP cockpit, and then select it from the Destination Name combo box in your Identity Provisioning User Interface.
If one and the same property exists both in the cockpit and in the Properties tab, the value set in the Properties tab is considered with higher priority.
We recommend that you use the Properties tab. Use a connectivity destination only if you need to reuse one and the same configuration for multiple provisioning systems.
Mandatory Properties
Property Name
Value
TypeEnter: HTTP
URLEnter the URL provided by the service key under the scim-v1 field without adding the path information.
ProxyTypeEnter: Internet
AuthenticationEnter: BasicAuthentication
UserEnter the value from the clientid field of the service key.
Password(Credential) Enter the value from the clientsecret field of the service key.
OAuth2TokenServiceURLEnter the OAuth 2.0 Token Service URL. This is the value from the url field of the service key plus
/oauth/token(Optional)
cm.user.filterWhen specified, only those SAP Ariba Category Management users matching the filter expression will be read. For example:
-
userName eq "SmithJ"
-
emails.value eq "[email protected]"
-
emails.value eq "[email protected]" or emails.value eq "[email protected]" or emails.value eq "[email protected]"
To learn what additional properties are relevant to this system, see List of Properties. You can use the main search, or filter properties by the Name or System Type columns.
-
-
(Optional) Configure the transformations.
Transformations are used to map the user attributes from the data model of the source system to the data model of the target system, and the other way around. The Identity Provisioning offers a default transformation for the SAP Ariba Category Management source system, whose settings are displayed under the Transformations tab after saving its initial configuration.
You can change the default transformation mapping rules to reflect your current setup of entities in your system. For more information, see:
SCIM APIs for SAP Ariba Category Management
Mapping logic – the behavior of the default transformation logic is to read all user attributes from the source SAP Ariba Category Management system, and then map them to the internal SCIM representation. It uses
entityIdSourceSystemto store the unique ID of the identity.Default transformation:
{ "user":{ "mappings":[ { "sourcePath":"$.id", "targetVariable":"entityIdSourceSystem" }, { "sourcePath":"$.schemas", "targetPath":"$.schemas", "preserveArrayWithSingleElement":true }, { "sourcePath":"$.userName", "targetPath":"$.userName", "correlationAttribute":true }, { "sourcePath":"$.externalId", "targetPath":"$.externalId", "optional":true }, { "sourcePath": "$['urn:ietf:params:scim:schemas:extension:sap:2.0:User']['userUuid']", "targetPath": "$['urn:ietf:params:scim:schemas:extension:sap:2.0:User']['userUuid']", "optional": true }, { "sourcePath":"$.name.givenName", "targetPath":"$.name.givenName", "optional":true }, { "sourcePath":"$.name.familyName", "targetPath":"$.name.familyName", "optional":true }, { "sourcePath":"$.emails[*].value", "targetPath":"$.emails[?(@.value)]", "optional":true, "preserveArrayWithSingleElement":true }, { "sourcePath":"$.emails[?(@.primary== true)].value", "optional":true, "correlationAttribute":true }, { "sourcePath":"$.active", "targetPath":"$.active" }, { "sourcePath":"$.displayName", "targetPath":"$.displayName", "optional":true } ] } } -
Add a target system to provision users to it. Choose from: Target Systems
- Before starting a provisioning job, you can first subscribe for e-mail notifications from the source system you use in your scenario. This way, you will be notified by e-mail about eventual failed entities during the jobs. For more information, see Manage Job Notifications.
- Now, start an identity provisioning job. For more information, see Monitor Provisioning Job Logs.
Related Information