Overview
The PIP Service supports many different adapter types for many types of external information sources including such common Data Sources like Oracle, MySQL, and many others. For each of the Policy Authorization Agents (PAA) that you have defined, you can configure one or more Data Sources.
The Platform supports integrations with a large number of Data Sources types. The full list is available in the Platform when you begin the process of defining a new Data Source Platform.
Data Source List
- JDBC Data Sources
- LDAP Data Sources
- Entra ID (formerly Azure AD)
- Google BigQuery Data Sources
- REST Services Source
- MongoDB
- Azure Cosmos DB
PIP Admin Settings
PIP Connection Adapters
Databases
The following databases are supported by a JDBC Adapter:
- Microsoft SQL Server
- Oracle
- MySQL
- PostgreSQL
- DB2
- JDBC Simple
- Sybase
- Google BigQuery
See the JDBC Data Source article for more information.
Directories
LDAP
Web Service
REST
Microsoft Entra ID (Azure AD)
SCIM
If the adapter you require is not on the list, reach out to your PlainID Contact.
Accessing the Data Source List
To access the Data Source List:
Each Data Source has its own unique configuration settings and requirements. Following is the general flow for most Adapters. For specific information on how to configure a Connection Adapter, contact Technical Support or (if currently available, refer to the appropriate content in the Online Documentation. Links to available sections follow the basic procedure detailed below).
Data Source Connection Adapters are divided into the following groups to help you find the Adapter you need more easily. The Connection Adapter groups include:
- Database (for example: Apache, HyperSQL, JDBC, Microsoft Access, MySQL, PostgreSQL, etc.)
- Web Application (Amazon, Google Sheets, Salesforce)
- File (Excel, .csv format)
- Webservices (for example: OData, OpenAPI, SAP Gateway, Swagger, etc.)
- User Repositories (for example: LDAP)
Creating a new Data Source
To create a new Data Source:
-
Open the Tenant or Environment Settings screen and select PIP Settings.
-
Select an existing PAA from the list of available PAAs. The Data Source List and Views List for that PAA are displayed.
-
Click New Data Source.
-
Enter the Display Name for the new Data Source in the Data Source Details section.
-
In the Connection Adapter field, select the appropriate Connection Adapter. The Connection Adapters are organized in groups, as detailed above (and in alphabetical order within each group).
-
In the Connection Settings section, configure the connection to the external information source. Available fields depend on the selected Connection Adapter.
- Each adapter includes optional username and password fields. You can define connection credentials in one of three ways:
- Enter the username and password as clear text (not recommended outside sandbox environments).
- Use environment variables by enclosing them in brackets for better security and flexibility (e.g.,
[DOE-USER] [DOE-PASSWORD]
). - If integrating with PlainID’s Secret Manager, reference credentials using
{{secret name}}
.- For Secret Manager integration, use the syntax specific to your secret store. See Secret Management Configuration for details.
- Example:
{{store=HASHICORP_VAULT, key=my-database-credentials}}
- Example:
- For AWS RDS DB with AWS IAM Auth:
{{store=AWS_RDS_IAM_AUTH_STORE,key=test_user@shared-partner-mgmt-dev.cluster-g6wgs3hs1zff.eu-east-2.rds.amazonaws.com:5432/eu-east-2}}
.
- For Secret Manager integration, use the syntax specific to your secret store. See Secret Management Configuration for details.
- Each adapter includes optional username and password fields. You can define connection credentials in one of three ways:
-
In the Models section, set a model name and complete other parameters for fetching relevant data objects from the external information source. Models offer a representation of the data structure of the foreign schema built based on the original source. It could be identical to the structure of the original Data Source, same attributes as the original source have, or a subset of the original Data Source. The Model name must be unique to the model and cannot contain special characters. The model size supports up to 4MB of DDL content to provide users with the ability to define intricate data structures in models or when generating a DDL for large database schemas.
-
In the Data Model Properties fields, there are possible key value pairs of configurations that determine the way metadata is fetched from the Data source. In some Data Source types, such as JDBC, it will determine how the DDL statement (see below) will be generated and which data objects from the external information source will be fetched into the model. An example for setting a property that will set only TABLES (and not VIEWS) from an RDBMS external information source:
Note: This functionality is not supported for all Adaptors. After all settings are defined, save the new Data Source with the connected Models, and click Sync Data Sources. This will sync all Data Sources and all models by fetching the data structure from the external information sources (it does not fetch any data from the external sources at this point).