FreeIPA Connector

Last modified 08 Jun 2023 14:06 +02:00

Identity connector for RedHat FreeIPA.

Development statuscommunity (maintained by community effort)
Support statuscommunity
Support provided byInalogy
Target systemsRedHat FreeIPA
Source code


Polygon/ConnId connector for FreeIPA


Connector for [FreeIPA]( using [REST API](

Capabilities and Features

  • Schema: YES

  • Provisioning: YES

  • Live Synchronization: No

  • Password: YES

  • Activation: YES

  • Script execution: No

FreeIPA Connector contains support for USER, ROLE and GROUP entity.


[Download]( and build the project with usual:

mvn clean install

After successful the build, you can find connector-freeipa- in target directory.

Configuring resource


  • Verify if service account has set password never expire, has "User authentication types" "Password" and not needed to change password at first log on.

  • Try to log in with created service account (user) to FreeIPA web GUI & verify if you have required permissions to create/update/delete user, create/update/delete groups & roles and his memberships.

  • Set up Logger for package "com.inalogy.midpoint.connectors.freeipa" to TRACE in midpoint over System/Logging/Loggers & verify midpoint.log for error details.

  • In some cases FreeIPA missconfiguration cause to return HTML error page instead of JSON and this is showd as error message in Test Connection "org.json.JSONException(A JSONObject text must begin with '{' at 1 [character 2 line 1])"


Licensed under the [Apache License 2.0](/LICENSE).


FreeIPA Connector is intended for production use. Tested with MidPoint version 4.6. The connector was introduced as a contribution to midPoint project by [Inalogy]( and is not officially supported by Evolveum. If you need support, please contact

Was this page helpful?
Thanks for your feedback