Service Types

Service types are connectors/adapters that allow the product to interact with some underlying system and expose objects in that system as SmartObjects. A service type allows the product to integrate with a technology, while Service Instances of a service type to connect to specific instances of that system. Service instances are configured instances for a particular service type that point to an actual system, and you can have multiple service instances for the same service type that are configured to connect to different systems. For example, one instance of the SQL Server service type is configured to connect to your HR database while another service instance is configured to connect to your Finance database. You must configure service instances before developers and designers are able to create or use SmartObjects for that particular data store.

For more background on Service Types, Services instances, and SmartObjects please see the topic SmartObject Terminology and Architecture

Clicking on Service Types returns a list of all the available Service Types and number of instances per Service Type in your environment. From the Service Types page, you create a new instance for that Service Type.

If you expect to see a specific service type in the list and it does not show, you may not have the sufficient rights to do so. See Authorization Framework Overview for information about rights and permissions.

Service Types

Creating a New Service Instance

Follow these steps to create a new Service Instance for a Service Type:

Click on the Service Type you want to create a new instance for.
The New Instance button becomes available.

Click New Instance. The Configure Service Instance page opens.

Use the table below as a guideline to configure the new service instance:

Section	Field	What to do
Service Instance	Display Name	Type a value for the display name of the new service instance.
Service Instance	Description	Type a value to describe the new service instance.
Service Instance	Service Type	The Service Type selected from the previous view will display. You can select a different Service Type from the drop-down if needed.
Service Authentication	Authentication Mode	Select the Authentication Mode to be used for this service instance from the drop-down. This setting determines the security credentials that will be used to connect to the underlying system. See the topic Authentication Modes for more information. Not all Authentication Modes are supported for all Service Types. Refer to the Service Type documentation for the particular Service Type you wish to configure to see what known Authentication Mode restrictions may exist. Impersonate: passes the connected user's credentials to the underlying system OAuth: uses OAuth tokens to authenticate with the underlying system. This setting requires a configured OAuth resource for the underlying system. ServiceAccount: connects to the underlying system using the credentials of the account that runs the application service SSO: uses cached Single Sign-On credentials for the connected user. This setting will require you to select a Security Provider that will map an incoming user's credentials to alternate credentials that are accepted by the underlying system. Static: use a static username and password to connect to the underlying system
Service Authentication	Security Provider	The Security Provider drop-down will be enabled when the single sign on (SSO) Authentication Mode was selected. Select the security provider to be used from the drop-down.
Service Authentication	OAuth Resource Name	This drop-down will be enabled when the OAuth Authentication Mode was selected. Select the OAuth resource name to be used from the drop-down.(The Resource is defined using the Authentication section of the Management site.)
Service Authentication	OAuth Resource Audience	Enter the OAuth Resource Audience URI to use for OAuth Authentication. This setting is only applicable when using the OAuth Authentication Mode, and refers to the URI used to access a realm, for example https://graph.windows.net
Service Authentication	User Name	This field will be enabled when the Static Authentication Mode was selected. Type the name of the user to be used when connecting to the underlying system.
Service Authentication	Password	This field will be enabled when the Static Authentication Mode was selected. Type the password of the user entered in the User Name field.
Service Authentication	Extra	Type a value for extra connection information. This setting is usually not required unless the authentication mechanism or Service Type selected requires or allows additional configuration.
Service Authentication	Enforce Impersonation	This is a Pass-through Authentication option and is only applicable for the Impersonate and OAuth Authentication Modes. If Enforce Impersonation is not checked and Pass-through Authentication fails for the impersonated user, the service will revert to the Service Account and retry the operation. If Enforce Impersonation is checked, the service will not revert to the Service Account if it fails with the impersonated user.
Service Keys	(The Service Keys depends on the Service Type selected).	Provide the configuration settings for the particular Service Type you are configuring. See the documentation for the particular service type for more information on the available configuration values for that Service Type.
SmartObjects	Generate SmartObjects for this Service Instance	Select the check box if you want to automatically generate SmartObjects for the new Service Instance. (Whether this check box is selected or not, designers can still create SmartObjects for the underlying system manually using Design tools).

Click OK to register the new Service Instance after providing the necessary values. It may take a few seconds for this operation to complete, since the system may be performing discovery operations against a large set of entities, and/or generating and publishing SmartObjects, if the Generate SmartObjects option was selected.

Adding Service Type rights

The Security button allows you to define design-time rules to control who is allowed to manage service types. Service types inherit rights from the service instances security level. See Authorization Framework Overview and Service Instances Security for more information about rights, inheritance, considerations, and best practices before assigning rights per service type.

You can assign rights to a specific service type, which allows you more granular control for each service type.

Right	Description
View	Allows you to see and use the service type and its child service instances at design time in Management and the Designer (Unless inheritance is broken on a lower level)
Create	Allows you to create service instances in Management
Modify	Allows you to update this service type and all its child service instances in Management (Unless inheritance is broken on a lower level)
Delete	Allows you to delete this service type and all its child service instances in Management (Unless inheritance is broken on a lower level)
Security	Allows you to give other people the right to assign rights on this service type and all its child service instances (Unless inheritance is broken on a lower level)

Follow these steps to add rights to a specific service type:

Select a service type and then click Security.
Add a user, group, or role by clicking the Add button.
On the Add Users, Groups, And Roles page search and add a user, group, or role. Click OK.
Specify the user, group, or role's View, Create, Modify, Delete, and Security rights. If the user, group, or role has rights at the service instances security level, the following rights are available: Allow, Deny and Inherited Allow. If the user, group, or role does not have rights at the service instances security level or if the inheritance is broken the following rights are available: Allow, Deny and None.
Add more users, groups, and roles if necessary. Click Close.
When specifying users, groups, and roles, the Everyone role is added during installation, providing all authenticated users, the ability to view service types and service instances. Best practice would be to modify the Everyone role's view rights to None on the Service Instances Security level, and grant permissions to users, groups, and roles according to your organizations requirement on the service type and service instance.