Approval web services in OIM Oracle Identity Manager

original url https://abhirockzz.wordpress.com/2015/03/03/approval-specific-web-services-in-oracle-idm/

Approval specific web services in Oracle IDM

This is quick post with regards to the web service endpoints which are leveraged by OIM and SOA in the context of an approval related scenario – basic stuff, but can be useful for beginners.
Oracle IDM integrates with and leverages the SOA suite for approval related features (SOA is quite rich to be honest and is utilized as the back bone for Web Services connector as well). SOA is not just for namesake – SOA suite does in fact rely on the concept of loosely coupled and independent services.

The approval engine makes use of three such web services

  • Request web service: this is deployed on the OIM server
  • Request Callback web service: this is deployed on SOA server
  • Provisioning Callback web service: this too is deployed on OIM and used in context of approvals related to Disconnected application instances

But how/when are these (SOA) services leveraged ?

Consider an example of a basic approval process
  • OIM approval engine calls a SOA composite (from within an approval policy) in response to evaluation of a self service request. The internals of this call are out of scope of this post (maybe some other time!)
  • Operations within the SOA composite are executed and here is where the Request Callback web service comes in to play. The SOA composite calls the Request Callback web service and appraises it of the result of the SOA composite execution (approval/rejection)
  • The Request Callback web service calls relays the result back to approval/request engine within OIM which then proceeds accordingly
Request Callback Web Service
Request Callback Web Service

So what is the Request web service all about ?

This is a generic purpose web service available OOTB in OIM (all you need to do is deploy it). It exposes information within OIM such as users, catalog, organizations etc. You can leverage it within SOA composite (just a few click!) to make your life easier (its not mandatory, but you might need to use this more often than not in order to make dynamic decision making)

Provisioning Callback web service

This is used by the OOTB SOA composite (for disconnected applications) to relay the approval decision back to OIM provisioning engine so that it can mark the task as completed and hence the disconnected instance would show up as Provisioned (this of course is the OOTB behavior which is subject to customization if needed)
Provisioning Callback Web Service
Provisioning Callback Web Service
Note: the snapshots presented above are nothing but the BPEL composites as seen in JDeveloper
Until next time…

Comments

Post a Comment

Popular posts from this blog

VMware fix for Invalid manifest and ova file import failed errors

SOAPUI - import certificate

Session Timeout in Oracle Access Manager