8.2 Adding an Integration Activity

  1. Create a provisioning request definition (see Section 4.0, Configuring Provisioning Request Definitions).

  2. Create a workflow for the provisioning request definition (see Section 6.0, Creating the Workflow for a Provisioning Request Definition).

  3. Click the Workflow tab.

  4. Drag an Integration activity from the palette and place it in the desired location in the workflow.

  5. Click the Properties tab.

  6. Type a name for the activity in the Name field.

  7. Click the Value field for the WSDL Resource property, then click the browse button to display a dialog box that you use to locate the WSDL file for the Web service that you want to access with the Integration activity.

  8. Use the dialog box to browse your file system to locate the WSDL file for the Web service that you want to use. Click the name of the WSDL file, then click Open.

    A dialog box that you use to select a port type and operation for the Web service is displayed.

    The Select Port Type list includes a set of port types supported by the Web service. Each port type supports operations that include the input and output messages of the operation.

    This window allows you to specify the SOAP endpoint, the user ID used to access the SOAP endpoint, and the password used to access the SOAP endpoint. These options are all ECMAScript expressions and can be GCV values. Use the ECMA Expression Builder to configure the expressions you want to use.

    NOTE:The Use new WSDL Generation type option enables Designer to build the Integration activity using an XML Interchange action instead of a WS Interchange action. It is recommended that you leave this option selected, because the WSDL parsing is more robust, and the resulting Integration activity does not require the WSDL document be maintained as part of the provisioning request definition and is smaller in size.

  9. Select a port type from the Select Port Type list.

  10. Select an operation from the Select Operation list.

  11. If you want to specify a SOAP endpoint, specify a SOAP endpoint URL, either by selecting the URL from the Select Soap Service Endpoint Expression list or by clicking the “E” icon and using the ECMA Expression Builder to configure an expression that resolves to the SOAP endpoint URL.

    NOTE:Ensure that you specify the private key in DER format (PKCS8) and without a password. You can convert the private key from PKS12 to PKCS8 format by running an OpenSSL command. For example, openssl pkcs8 -topk8 -inform PEM -outform DER -in key.pem -nocrypt > key

  12. If you want to use basic authentication for a SOAP endpoint, complete the following steps:

    1. Select SOAP Service requires Basic Authentication.

    2. In the User ID Expression field, click the “E” icon and use the ECMA Expression Builder to specify an expression that resolves to the user ID used to access the SOAP endpoint.

    3. In the Password Expression field, click the “E” icon and use the ECMA Expression Builder to specify an expression that resolves to the password used to access the SOAP endpoint.

      NOTE:As a best practice, it is recommended that you use password-ref GCV for passwords. For information about additional best practices about managing passwords, see Managing Passwords in the NetIQ Identity Manager Security Guide. To retrieve a named password over LDAP from a workflow, see Allowing a Named Password to be Retrieved over LDAP in the NetIQ Identity Manager - Administrator’s Guide to the Identity Applications.

  13. Click OK.

    The Integration activity creates an action model based on the WSDL document.You use the action model at design time to test the input to the Web service, test the response from the Web service, and map and transform data, if necessary, before returning the data to the workflow.

    For many Web services, you don’t need to concern yourself with the action model. You simply create data item mappings for the Integration activity. After the action model is created, a new tab, Integration, is added to the provisioning request definition editor. You use this tab to access the action model.

  14. Specify the Timeout, Retry Count, and Final Timeout Action properties (see Integration Activity).

  15. If you want to view or edit the action model, click the Integration tab.