Skip to main content
  • Bravura Safe Documentation
  • Admin
  • Directory Connector

Directory Connector

Notice

For Bravura Safe product administrators.

About Directory Connector

Bravura Safe Teams are built by inviting people to join a Team. This works great for self-organizing teams aligned around a project or a task. Membership of these Teams is often only known to those who are part of that Team as they assemble to complete a task.

However, some Teams are broader and structured along with business execution needs. These Teams and their memberships are usually known in directories and identity providers. Examples of these Teams include companies as a whole, divisions, and departments. For these scenarios, it is beneficial to automate the invitation process to reduce maintenance and ensure people have the access they need the day they start with a role in the organization.

Bravura Safe's Directory Connector can help the people tasked with administrating and owning these Teams. The owners and/or administrators can configure a Directory Connector that lists memberships off cloud-hosted or on-premises directories and leverage Bravura Safe’s rest API to automate the invitation and group membership change processes.

Bravura Safe is a SaaS-hosted solution. The Directory Connector is a Linux-centric tool that can be hosted in any network with access to your directories and then communicates with Bravura Safe exclusively over its HTTPS rest API. The Directory Connector also operates as a proxy that enables simple and scalable approaches to broker these necessary security boundaries found in all companies today.

The primary benefits of the Directory Connector strategy are that you can delegate the day-to-day configuration and maintenance of the solution away from the group providing Bravura Safe as a service to a company and to the administrators of the Teams who know their Teams best. Allowing those administrators to choose the right sets of users to bring in and how to locate those users in the directories they are familiar with and use daily. This is especially useful when you get different directories that might contain employees, employees in different geographic locations, partners, customers, students, and service providers.

safe-directory-connector

A Directory Connector sync can be run on-demand or automatically on a configured interval. The Directory Connector applications can be installed as an agent on the server that hosts your directory, an administrator's workstation, or any other desktop device that can access the source directory.

The Directory Connector supports sync from the following sources:

  • Active Directory

  • Any LDAP-based directory

  • Azure Active Directory

  • G Suite

  • Okta

  • OneLogin

Directory Connector applications

Directory Connector is available as a desktop application and Command Line Interface (CLI) are available for the Directory Connector. The desktop application and CLI share the same database and configurations, so you can use both, however simultaneous use is not recommended.

Note

If you are setting authentication values, such as keys or secrets, in the Directory Connector data.json file, you must use the directory connector desktop application to set these values. This is because authentication values of this type cannot be set in plain text using the CLI, they must use the encrypted version that the desktop application inputs for you.

In this section: