This document has been prepared by the IDHub Implementation Team.

The specifications below apply to a user base of fewer than 10k users. The figures are subject to change for user bases of more than 10k users.

Product Specification

The specifications in this document apply to IDHub version 22.0.0 and below.

System Requirements

The following is required to implement the various IDHub connectors with their respective client applications.

Hardware

The following machine recommendations are for installing individual connectors:

On-Premise Specifications

If you are opting for an On-Premise implementation (i.e. you wish to set up all the IDHub connectors that perform synchronizations between your applications and IDHub), then we need the following:

  • 1 Virtual Machine with the connector-related specifications listed below

| Component | Storage | Memory | CPU |
| --- | --- | --- | --- |
| LDAP/Active Directory Connector | 10 GB, preferably SSDs | 2 GB RAM recommended (4GB preferable) | 1-2 cores |
| O365/Azure AD Connector | 10 GB, preferably SSDs | 2 GB RAM recommended (4GB preferable) | 1-2 cores |
| Gsuite Connector | 10 GB, preferably SSDs | 2 GB RAM recommended (4GB preferable) | 1-2 cores |
| Atlassian Connector (Jira and Confluence) | 10 GB, preferably SSDs | 2 GB RAM recommended (4GB preferable) | 1-2 cores |
| Database Connector | 10 GB, preferably SSDs | 2 GB RAM recommended (4GB preferable) | 1-2 cores |
| CSV File Connector | 10 GB, preferably SSDs | 2 GB RAM recommended (4GB preferable) | 1-2 cores |

On-Cloud Specifications

There are two possible options in a cloud implementation:

  • Private Cloud: The cloud platform is provided by the client (we support GCP, Azure and AWS clouds).
    Note: The applications that require the use of IDHub connectors need to be in the same VPC (Virtual Private Cloud) / network.

  • Sath’s Cloud: Sath’s Google Cloud Platform is used to host the IDHub connectors, which run via Google Cloud Run.

Networking

For the selected hardware, there are some additional things to note:

  • If the VM has a public IP, then:

    • The IDHub Inbound IP (provided by the IDHub Implementation team) needs to be whitelisted in the firewall, OR

    • A separate machine needs to be set up as a reverse proxy

Software

Operating Systems

| Operating System | Support |
| --- | --- |
| Ubuntu 20.04 LTS, 22.04 LTS (Recommended) | Yes |
| Debian 11.x | Yes |
| Red Hat Enterprise Linux 7.x, 8.x, 9.x | Yes |
| CentOS 7.x, 8.x | Yes |

Windows is not currently supported. Windows users can download and use the ZIP and TAR archives, and may run the JAR as a Windows Service.

Docker

Docker version 20.10.12 or later is required. Docker Compose version 1.29.2 or later is required.

Ports

| Component | Port |
| --- | --- |
| LDAP/Active Directory Connector | 7001 |
| O365/Azure AD Connector | 7002 |
| Gsuite Connector | 7003 |
| Atlassian Connector (Jira and Confluence) | 7004 |
| Database Connector | 7005 |
| CSV File Connector | 7006 |

If the client has a special request to use another port, the Implementation team needs to be informed.
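One way to express the Networking requirement (only the IDHub Inbound IP may reach the connector ports on a VM with a public IP) as reviewable firewall rules. This is an added example, not IDHub's own tooling: it only prints `iptables` commands. The connector short names, the interface `eth0`, the placeholder address `203.0.113.10` and the use of the `DOCKER-USER` chain for Docker-published ports are assumptions.

```shell
#!/bin/sh
# Added example: PRINTS iptables rules for review; it does not apply them.
# Connector short names, the interface and the IP below are assumptions.

# Short name -> port, taken from the Ports table on this page.
connector_port() {
  case "$1" in
    ldap)      echo 7001 ;;
    o365)      echo 7002 ;;
    gsuite)    echo 7003 ;;
    atlassian) echo 7004 ;;
    database)  echo 7005 ;;
    csv)       echo 7006 ;;
    *)         return 1 ;;
  esac
}

# Accept only dotted-quad IPv4 with each octet in 0-255.
valid_ipv4() {
  printf '%s\n' "$1" | awk -F. '
    NF != 4 { exit 1 }
    { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i + 0 > 255) exit 1 }'
}

# Usage: idhub_fw_rules <idhub_inbound_ip> <external_iface> <connector>...
idhub_fw_rules() {
  [ "$#" -ge 3 ] || { echo "usage: idhub_fw_rules IP IFACE CONNECTOR..." >&2; return 2; }
  src=$1; iface=$2; shift 2
  valid_ipv4 "$src" || { echo "invalid source IP: $src" >&2; return 2; }
  # Validate every name first so a typo never yields a partial rule set.
  for name in "$@"; do
    connector_port "$name" >/dev/null || { echo "unknown connector: $name" >&2; return 2; }
  done
  for name in "$@"; do
    port=$(connector_port "$name")
    # Connector listening directly on the VM (e.g. the JAR run on the host).
    echo "iptables -I INPUT -i $iface -p tcp --dport $port ! -s $src -j DROP"
    # Docker-published port: filter in DOCKER-USER on the pre-NAT destination port.
    echo "iptables -I DOCKER-USER -i $iface -p tcp -m conntrack --ctorigdstport $port ! -s $src -j DROP"
  done
}

# Constructed sample: 203.0.113.10 is a documentation-range placeholder for the
# IDHub Inbound IP; eth0 stands in for the VM's public interface.
idhub_fw_rules 203.0.113.10 eth0 ldap o365
```

The second rule per port matters on Docker hosts because published container ports are forwarded rather than delivered to the host's `INPUT` chain, so a host-only rule would not restrict them.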

Connector Specifications

Below is the list of things that the Implementation team needs per connector to perform connector on-boarding for clients.

LDAP Connector

To use the IDHub LDAP Connector, the implementation team requires the following:

  • Active Directory and the IDHub LDAP Connector set up in the same Local Area Network (LAN).

Not Recommended - If setting up Active Directory and the IDHub LDAP Connector in the same LAN is not possible, the alternative is to have your Active Directory server on a public IP address, with SSL certificates, running on port 636.

  • Active Directory Server IP address.

  • A username and its password with Domain Admins, ADSyncAdmins privileges.
    Note: This will be required to perform user provisioning and other synchronizations.

  • Any additional inbound rules to set up on Active Directory for the connector (if any)

Connection Type

The connection can be idle when there is no activity. It does not need to be kept open continuously and is invoked on demand.

O365 Connector

To use the IDHub Azure AD/O365 Connector, the implementation team requires the following:

  • Azure Active Directory’s Tenant ID

  • A registered application in Client’s Azure Active Directory

Things needed from the Registered Application:

  • Application ID

  • Client Secret value

  • API Permissions

    • Directory.ReadWrite.All

    • User.ManageIdentities.All

    • User.Read

    • User.ReadWrite.All

Connection Type

The connection can be idle when there is no activity. It does not need to be kept open continuously and is invoked on demand.

Hope this helps!