Skip to Content

Security Provider - Jitterbit Harmony

The Jitterbit Harmony security provider type supports these scenarios:

  • User Authentication: Use Harmony authentication to log in to Vinyl.
  • Data Source Authentication: Use Harmony authentication to authenticate HTTP requests from Vinyl to Harmony.

The following Authentication Types are supported:

  • Harmony Login: Users log in to Vinyl with their Harmony user name and password to authenticate.
  • Harmony Service Account: Authenticate Harmony and API Manager requests with service account credentials. Vinyl automatically uses a single set of configured Harmony credentials associated with a privileged user account to authenticate with Harmony. All unprivileged user events execute with the service account identity.
  • Harmony Single Sign-On (SSO): Users log in to Vinyl using Harmony single sign-on. Vinyl automatically uses Harmony authentication when users are already authenticated with Harmony.

Configure Harmony Login Authentication

You can configure login authentication for the Jitterbit Harmony security provider type using user or data source authentication.

Prerequisites

This information is required to configure login authentication:

Configuration Steps

Follow these steps to create and enable a new Jitterbit Harmony security provider that supports login authentication. Additional supported settings are described in the Configuration section.

  1. Navigate to the Vinyl IDE
  2. Click the Security Providers button
  3. Click the + User Authentication or + Data Source Authentication button
  4. In the Provider panel, provide the following:
    1. Name: Enter a meaningful name, such as Jitterbit Harmony
    2. Type: Select Jitterbit Harmony
    3. Authentication Type: Select Harmony Login
  5. Click the Save button
  6. In the Properties panel, click the +Property button
    1. Select Region as the Parameter
    2. Select the appropriate Harmony region as the Value
  7. Click the Save button
  8. Click the +Property button
    1. Select OrganizationId as the Parameter
    2. Enter the Harmony organization identifier as the Value
  9. Click the Save button
  10. Click the Validate button from the Provider panel to confirm the security provider configuration
  11. In the Provider panel, click the Edit button
  12. Select the Enabled checkbox
  13. Click the Save button

Configure Service Account Authentication

You can configure service account authentication for the Jitterbit Harmony security provider type using data source authentication only.

Prerequisites

This information is required to configure service account authentication:

  • Harmony region. Selected in Properties or specified in Endpoints.
  • Harmony credentials (username and password). Specified in Credentials.

Configuration Steps

Follow these steps to create and enable a new Jitterbit Harmony security provider that supports service account authentication. Additional supported settings are described in the Configuration section.

  1. Navigate to the Vinyl IDE
  2. Click the Security Providers button
  3. Click the + Data Source Authentication button
  4. In the Provider panel, provide the following:
    1. Name: Enter a meaningful name, such as Jitterbit Harmony
    2. Type: Select Jitterbit Harmony
    3. Authentication Type: Select Harmony Service Account
  5. Click the Save button
  6. In the Properties panel, click the +Property button
    1. Select Region as the Parameter
    2. Select the appropriate Harmony region as the Value
  7. Click the Save button
  8. In the Credentials panel, click the +Credential button
    1. Select Password as the Type
    2. Enter the Harmony email as the User Name
    3. Enter the Harmony password as the Password
  9. Click the Validate button from the Provider panel to confirm the security provider configuration
  10. In the Provider panel, click the Edit button
  11. Select the Enabled checkbox
  12. Click the Save button

Configuration

The Jitterbit Harmony security provider supports the following additional parameters.

Provisioning

The Jitterbit Harmony security provider can be configured to retrieve a user's Harmony roles and convert them to Vinyl claims during the authentication process. Claims are mapped to security provider groups, which themselves can be mapped to security groups. To enable this option, the administrator must select Supplies Group Membership under Provisioning.

Field Value
User Provisioning When enabled, Vinyl will create user accounts based on the identity supplied by the Identity Provider (IdP). User attributes are mapped using claims.
Supplies Group Membership Indicates whether the Identity Provider (IdP) includes group membership claims in the security token. The claims will be registered as provider groups, which can be mapped to user groups.

Endpoints

Type Description
Harmony API The base Harmony region URL, one of:
  • NA: https://na-east.jitterbit.com
  • EMEA: https://emea-west.jitterbit.com
  • APAC: https://apac-southeast.jitterbit.com
Alternatively, specify the Harmony Region under Properties.

Credentials

Type Description
Password Harmony credentials (username and password) (applies only to service account authentication).

Properties

Parameter Description
EnvironmentId The Harmony environment ID, located by hovering on the environment name in the Management Console Environments page. Optional value, if specified Vinyl will verify the user has access to the environment. If unspecified, Vinyl will verify the user is a member of the organization (OrganizationId).
OrganizationId The Harmony organization ID, located in the top right of the Harmony Portal header next to the organization name. When authenticating users, the security provider verifies the user is a member of the given organization. This property is not used when authenticating with a service account.
Region Jitterbit Harmony region, one of:
  • NA: North America and South America
  • EMEA: Europe, the Middle East, and Africa
  • APAC: Asia-Pacific, including Australia

Claims

Identifier Purpose Description
email Name User name.
userId Name ID Opaque, immutable value that identifies the user.
roleId Group Security provider group membership.
email Email Address User account email address.
phone Phone Number User account phone number.

Configure Single Sign-On Authentication

Vinyl ships with a Jitterbit Harmony security provider type named jitterbit.com that can be used for user or data source authentication.

Prerequisites

To use the jitterbit.com security provider, these prerequisites must be met:

  • The Vinyl version must be at least 3.3.33529.
  • The Harmony Portal Vinyl tile must be configured for the Vinyl instance. This configuration is done from the Vinyl > Admin page.

In addition, this information is required to configure the jitterbit.com security provider:

Configuration Steps

Follow these steps to configure and enable the jitterbit.com security provider. Additional supported settings are described in the Configuration section.

Note

Configuring multiple SSO security providers or renaming the jitterbit.com security provider is not supported.

  1. Navigate to the Vinyl IDE
  2. Click the Security Providers button
  3. Locate the jitterbit.com security provider in either the User Authentication panel or Data Source Authentication panel, and open the record for editing
  4. Click the pencil edit icon from the Properties panel for the OrganizationId record
  5. Enter the Value of your Harmony organization ID
  6. Click Save
  7. Click the pencil edit icon for the Region record
  8. Select the Value that corresponds with your Harmony region
  9. Click Save
  10. Click the Edit button from the Settings panel
  11. Select the Enable field to enable the security provider
  12. Click the Save button