Typical requirements on source systems connected to CzechIdM
When connecting a system to CzechIdM that is meant to be an authoritative source of data (Identities, Org. structure, Contracted positions etc..) there are several ways of how to communicate. There are many common attributes that are usually provided by the source system to CzechIdM. Source system for CzechIdM is HR system in most implementations.
CzechIdM can be connected to HR system by many ways. Most common ones are:
- Web service (SOAP)
- REST api
- Database
Other means of communications are possible too, e.g.
- CSV or similar text export file
but exports has some natural limitations like CzechIdM is not able to write data e.g. email or phone number back to HR.
Typical deployment of CzechIdM in company IT systems environment
Not mandatory requirements on communication channel:
- Parallel processing of request sent by one user
- No boundary for total # requests
- Synchronized communication
- No data paging
- Availability of API documentation, in case of SOAP WS it is advised to provide WSDL, in case of REST we need API specification like Swagger output.
Most common HR systems connected to CzechIdM:
- Vema
- OKbase
- Target
- SAP HR
- Flux
- Navision
- Helios green
Example of common attributes sent by HR Systems :
Identities:
- employee number or other unique, immutable identifier (evidence number)
- login, if generated on HR side
- first name
- last name
- titles before/after name
- phone
- last update time
User’s contracted positions:
- contract ID (unique, immutable)
- reference to identity (employee number, evidence number…)
- code/name of contracted position
- validity of contract (from/until)
- state of contract (active/maternity leave/left)
- last update time
- primary contract flag (true/false)
- reference to org. structure position (code, id…)
Org. structure positions or departments:
- code/Id (unique, immutable)
- Name
- Abbrev
- Reference to parent department or position
- Manager’s position Id (if the manager sits on different position than parent position)
- last update time
One of the most interesting attributes that occurs for every entity is “last update time”. If it is provided by the source system, CzechIdM can synchronize only those objects that has changed since the previous synchronization run.
