- Overview
- Configuration
App Store Connect
Automate user provisioning for App Store Connect to streamline developer access.
Overview
Integrating App Store Connect with your Active Directory using ADManager Plus enables organizations to streamline identity and access management by automating user life cycle processes. This integration ensures that changes made in App Store Connect, such as new user assignments, role modifications, or removals, are automatically synchronized with Active Directory (AD), Exchange, Microsoft 365, and other connected systems.
Automate user provisioning
Automate bulk user creation, modification, and deletion without using a single line of PowerShell script.
Role-based access controls
Automatically assign and update permissions for users in App Store Connect based on role changes in AD, ensuring that access rights are accurate and aligned with job responsibilities.
Effective offboarding
Streamline the deactivation of user access and permissions, ensuring secure and compliant removal of accounts when users leave the organization.
Prerequisites:
App Store Connect uses JWT Token for Authorization. Refer to App Store Connect API references for more details.
Privileges:
- To import users (inbound action): Ensure the account used for authorization has permission to read all user accounts.
- To perform any action or query in App Store Connect (outbound action): Ensure the account used for authorization has permission to perform the desired action.
Authorization configuration
- Log in to ADManager Plus and navigate to Directory/Application Settings.
- Go to Application Integrations, then search and select App Store Connect.
- Toggle the Enable App Store Connect Integration button on.
- In the App Store Connect Configuration page, click Authorization.
- Replace the Private Key value with that of your instance.
- Click Configure.
Inbound webhook configuration
Inbound webhook enables you to fetch user data from App Store Connect and transfer it to ADManager Plus. To configure an inbound webhook for App Store Connect:
- Under Inbound Webhook, click App Store Connect Endpoint Configuration.
- In the Endpoint Configuration tab, an endpoint, App Store Connect- GET USERS ENDPOINT, comes preconfigured with an Endpoint URL, API Method, Headers, and Parameters fields to fetch user accounts from App Store Connect. If you would like to use this preconfigured endpoint, replace the placeholder values with your App Store Connect-specific identifiers in the Endpoint URL field. However, if you would like to use a new endpoint to import users, you can configure one using the + Add API endpoint button and filling in the required fields as per App Store Connect's API references. Click here to learn how. Note:
- Authorization Header is preconfigured as a header for authenticating API requests as configured during Authorization Configuration.
- You can add macros to your endpoint configuration to dynamically change it as per your requirement using the macro chooser component.
- Refer to App Store Connect's API references and configure additional headers and parameters, if required.
- Once done, click Test & Save. A response window will display all the requested parameters that can be fetched using the API call. After verifying if the requested parameters have been called to action, click Proceed. Note:
- Refer to App Store Connect's API references to know the Parameters that must be configured to fetch only specific parameters.
- You can configure multiple endpoints for App Store Connect using the + Add API endpoint button. Click here to learn how.
- Click Data Source - LDAP Attribute Mapping to match endpoints and to map AD LDAP attributes with the respective attributes in App Store Connect.
- Click + Add New Configuration and perform the following:
- Enter the Configuration Name and Description and select the Automation Category from the drop-down menu.
- In the Select Endpoint field, select the desired endpoint and a Primary Key that is unique to a user (for example, id). Note: When multiple endpoints are configured, this attribute must hold the same value in all the endpoints.
- In the Attribute Mapping field, select the attribute from the LDAP Attribute Name drop-down menu and map it with the respective attribute in App Store Connect.
- If you would like to create a new custom format for this, click Add New Format.
- Click Save.
- Configure an automation with the required action, repeat frequency, and the above configured attribute mapping configuration.
Outbound webhook configuration
An outbound webhook enables you to send changes made in AD using ADManager Plus to App Store Connect and carry out tasks in App Store Connect—all from ADManager Plus. To configure an outbound webhook for App Store Connect:
- Under Outbound Webhook, click App Store Connect Webhook Configuration.
- Click + Add Webhook.
- Enter a name and description for this webhook.
- Decide on the action that has to be performed and refer to App Store Connect's API references for the API details, such as the URL, headers, parameters, and other requirements.
- Select the HTTP method that will enable you to perform the desired action on the endpoint from the drop-down menu.
- Enter the endpoint URL.
- Configure the Headers, Parameters, and Message Type in the appropriate format based on the API call that you would like to perform.
- Click Test and Save.
- A pop-up window will then display a list of AD users and groups on which to test the configured API call. Select the desired user or group on which this API request has to be tested and click OK. This will make a real-time call to the endpoint URL, and the selected objects will be modified according to the configuration.
- The webhook response and request details will then be displayed. Verify them for the expected API behavior and click Save.