Release : 3.4

Component :

The custom connector framework allows specifications of other accounts in the target application specific tab for accounts associated with the custom connector.

The Custom Connector Framework JDK comes with sample connectors that demonstrate this functionality. E.g. the "exampletargetconnector" code includes usage of a master account.

- In file exampletargetconnector\src\main\resources\uiDefinitions.json we find the following tab definition:

    {
        "type": "TARGETACCOUNT",
        "field":"anotherAccount",
        "label": "Master Account",
        "required": false
    }

This will add a field where you can define another account to manage a new account's password. The UI will show this field with label "Master Account", and it is optional. Since we specify that this field is of type "TARGETACCOUNT", the PAM target account editor automatically will provide a search button next to the field to look for an existing account.

- In file exampletargetconnector\src\main\java\com\ca\pam\exampleconnector\api\Credentials.java we can see how this account is retrieved from PAM by passing the "field" value above, "anotherAccount", into the targetAccount.getMasterAccount() method:

        MasterAccount masterAccount = targetAccount.getMasterAccount("anotherAccount");
        String maUserName = "";
        String maPassword = "";
        if (masterAccount != null) {
            TargetAccount masterTargetAccount = masterAccount.getAsTargetAccount();
            maUserName = masterTargetAccount.getUserName();
            maPassword = masterTargetAccount.getPassword();
        }

  Strings maUserName and maPassword are then passed into the credentialsUpdateFromWindows() or credentialsUpdateFromUnix() methods. Those methods will use the master account to connect to the credential source if set. Otherwise the account being updated will be used to connect to the credential source.