MidPoint is primarily synchronous system. Its major processes like reconciliation, live synchronization or regular provisioning work in synchronous mode. However, recent releases have brought a possibility of asynchronous communication (e.g. based on messaging) with both source and target resources. These are asynchronous updates in version 4.0 and asynchronous provisioning in version 4.3.
When to Use Asynchronous Communication
These new features enable communication with resources that are not directly reachable. By this we mean that it is not possible to open a connection with them to ask for data or for operation execution. Asynchronous updates are also useful in cases with very strict update timing requirements (like seconds) or when live sync feature is not available. Asynchronous provisioning currently lacks the support for confirmation of operations execution from the target. After (eventual) implementation of this feature they will be useful also for reachable but slow resources, e.g. those that take tens of seconds or more to update their data.
Please see the decision trees in the following figures.
Costs and Limitations
The main costs or limitations associated with these features are:
- they are experimental, this means we do not recommend their use in production,
- they are more complex to set up and use, compared with the traditional synchronous processes,
- in case of missing direct reachability, they need to use attribute caching (taking some storage space), and do not allow reconciliation with the source or target resource.
Note that the last point mentioned is not a limitation of the asynchronous methods as such. It is a natural consequence of the resource unreachability. So we advise to avoid constraining resource connectivity (if possible) when designing the whole solution.
Asynchronous Provisioning Configuration
The overall schema of the asynchronous provisioning – that was the main topic of the webinar – is the following:
The core of the processing lies in the built-in asynchronous provisioning connector that transforms generic add/modify/delete operations into application-specific request messages and sends them to a defined place (e.g. a JMS queue).
Example Resource Configuration
An example resource configuration along with messages generated using simplifiedJson
transformation is shown in the following figure:
More Information
More detailed information on asynchronous provisioning can be found in the documentation. To get in-depth explanation, please watch the video recording of the webinar which took place on May 27th, 2021 or check the presentation slides. The source code for the accompanying demo is available in GitHub repository.