Skip to Content

SuccessFactors OData security provider in Jitterbit App Builder

The SuccessFactors OData security provider authenticates requests made to a SuccessFactors OData web service endpoint. The SuccessFactors OData security provider supports the following authentication types:

  • HTTP Basic Authentication
  • OAuth SAML 2.0 Bearer Assertion

Configuration

Authentication types

HTTP basic authentication

See the HTTP security provider for details on how to configure HTTP Basic Authentication.

OAuth SAML 2.0 bearer assertion

See the OAuth security provider for details on how to configure the SAML 2.0 Bearer Assertion grant.

Note that SuccessFactors refers to the OAuth client identifier (client_id) as the "API Key." SuccessFactors does not require a client secret (client_secret). Therefore, to configure the client credentials, create a Credential of type Client, provide the API Key as the user name, and leave the password blank.

Defaults

The SuccessFactors OData security provider will default the following Token properties:

  • Issuer: Defaults to the OAuth client identifier (client_id).
  • Audience: Defaults to www.successfactors.com.
  • Recipient: Defaults to the API Endpoint (see below) with the path /odata/v2 appended.

In addition, the SuccessFactors OData security provider will default the following endpoints:

  • Token Endpoint: Defaults to the API Endpoint (see below) with the path /oauth/token appended.

Endpoints

The SuccessFactors OData security provider defines the following additional endpoints:

Type Description
API Endpoint SuccessFactors API root URL, e.g. https://api4.successfactors.com/. As noted in the SuccessFactors documentation, "Your endpoint URLs for accessing the OData APIs depend on the data center hosting your SuccessFactors instance."

Note

The URL must not contain the /odata/v2 path. App Builder will append the path.

Properties

The SuccessFactors OData security provider defines the following additional parameters:

Parameter Default Description
CompanyId The SuccessFactors company identifier. Required.

Known issues and limitations

SAML assertion source

The SuccessFactors Odata security provider cannot source SAML assertions from a SAML Single Sign-On (SSO) provider. SuccessFactors expects the SAML assertion's Issuer to match the OAuth2 Client Application API Key. API Keys are opaque blobs. Though some SAML SSO Identity Providers (IdPs) can be configured to generate a SAML assertion with an arbitrary Issuer, they may describes the Issuer as urn:oasis:names:tc:SAML:2.0:nameid-format:entity. That format describes a URI. Since the API Key can't be parsed as a URI, App Builder rejects the SAML assertion.