# Boomi ### Overview Boomi is an integration platform as a service (iPaaS) that facilitates connecting applications, data, and processes across various environments. The Veza integration for Boomi Enterprise Platform uses the AtomSphere API to discover users, roles, and permissions on the platform. After enabling the integration, you can: * Review Boomi User to Boomi Role assignments, with support for external user mappings. * Get visibility on privileges granted via custom roles and review built-in role usage. * Monitor Boomi user accounts with the "API Access" role used for programmatic access. This document will help you configure the integration for your tenant. For more details see [notes and supported entities](#notes-and-supported-entities). ### Configuring Boomi #### Step one: Create an Account in Boomi Create an account for the integration user in Boomi: 1. Log in to Boomi Enterprise Platform as an administrator. 2. Go to **Settings** > **User Management**. 3. Create a new role and assign the following Privileges. The new role should not inherit from any other role. `API Access` `Account Administration` 4. Create a new user and assign the user to the role. See [Adding a custom role](https://help.boomi.com/docs/Atomsphere/Platform/atm-custom-role-scenarios) and [Adding a user and assigning roles](https://help.boomi.com/docs/Atomsphere/Platform/t-atm-Adding_a_user_and_assigning_roles_d68063f7-2dea-4271-8c0c-6084c4c2226f) for official documentation. #### Step two: Generate an API token To create a token, you must create an integration user with the API Access role. The API Token feature must be enabled under **Settings** > **Account Information and Setup** > **Boomi AtomSphere API Tokens**. 1. Log in to Boomi as the integration user. 2. Navigate to **Settings** > **My User Settings** > **AtomSphere API Tokens**. ![Creating an API token.](/files/RVx11X8Nr6nj1Xg50cxf) 3. Generate and copy the API token. Save the token to use when configuring the integration in Veza. See [AtomSphere API Tokens settings](https://help.boomi.com/docs/Atomsphere/Platform/int-AtomSphere_API_Tokens_page_6a75a1f6-709c-4b08-b3bd-85fe2ac02e18) for more details. ### Configuring Boomi on the Veza Platform 1. In Veza, go to the **Integrations** page. 2. Click **Add Integration** and search for Boomi. Click on it and click **Next** to add an integration. 3. Enter the required information: * **Account Id**: Id of the Account. Used for Hostname in the URL (e.g., `https://api.boomi.com/api/rest/v1/{{accountId}}/`) * **Username**: Username of the integration user. * **Token**: API token for the integration user. 4. Click *Create Integration* to save the configuration. #### Custom identity mappings for Boomi If your organization uses single sign-on to federate access to Boomi, you can add a custom mapping by editing the identity provider configuration. Add mappings to match external identities in your IdP to user accounts they can access with SSO. See [Custom Identity Mappings](/4yItIzMvkpAvMVFAamTf/integrations/configuration/custom-identity-mappings.md). ### Notes and Supported Entities The integration uses the OAA Application template to model Boomi users, roles, and privileges: * Boomi Platform Account → Custom Application * Boomi Account Users → Local User * Boomi Account user’s Role → Local Role * Boomi Account Role’s Privileges → Local Permissions Veza creates graph entities to represent Boomi Users, Roles, and the individual Privileges they can access. #### Boomi Account Users Represents a local Boomi user, with the attributes: | Attribute | Notes | | ----------- | ------------------------- | | `userId` | The user ID. | | `firstname` | The first name of a user. | | `lastname` | The last name of a user. | #### Boomi Account Roles A built-in or custom role: | Attribute | Notes | | ------------- | ---------------------------- | | `id` | The ID of the role. | | `parentId` | The ID of the parent role. | | `name` | The name of the role. | | `description` | The description of the role. | Built-in roles provide access to common functionality in Boomi. You can use Veza to review user-to-role assignments, or track when the number of users with a role increases or decreases. Built-in roles include: * *Administrator*: Full access to all features, including API access, API management, account administration, account group management, Atom management (both read and write), Boomi Assure, build (read and write), cloud management, dashboard access, environment management, execution of processes, integration pack management, licensing view, packaged component management and deployment, process library management, scheduling, trading partner management, user management, view audit logs, view data, and view results. * *Standard User*: Access to Atom management (both read and write), Boomi Assure, build (read and write), developer tools, environment management, execution of processes, integration pack management, licensing view, packaged component management and deployment, process library management, scheduling, trading partner management, view data, and view results. * *Production Support*: Access to Atom management (both read and write), execution of processes, licensing view, packaged component deployment, scheduling, view data, and view results. * *Support*: Access to Boomi Assure, developer tools, execution of processes, licensing view, view data, and view results. Administrators can also create Custom Roles. These have specific privileges tailored to organizational needs. See [User Roles and Privileges: Common Examples](https://community.boomi.com/s/article/userrolesandprivilegescommonexamples). #### Boomi Account Privileges An individual system permission assigned to a role or directly to a user: | Attribute | Notes | | --------- | ---------------------- | | `name` | Name of the privilege. | Roles define a group of system permissions within Boomi. Example Roles and Privileges: ```json { "id": "9ba2e34c-2818-11e6-a17b-45f3f0dc7cd7", "name": "MDM Administrator", "description": "Boomi Default MDM Administrator Role.", "Privileges": [ {"name": "MDM_DESTROY"}, {"name": "MDM_SOURCE_ATTACH"}, {"name": "MDM_BATCH_ADMIN"}, {"name": "MDM_DASHBOARD"}, {"name": "MDM_EDIT_MODELS"}, {"name": "MDM_STEWARDSHIP"}, {"name": "MDM_VIEW_DATA"}, {"name": "MDM_VIEW_REPOSITORIES"}, {"name": "MDM_VIEW_MODELS"}, {"name": "MDM_STEWARDSHIP_MGMT"}, {"name": "MDM_REPORTING_HISTORY"}, {"name": "MDM_VIEW_LOGS"}, {"name": "MDM_SOURCE_MGMT"}, {"name": "MDM_DEPLOY"}, {"name": "MDM_REPORTING_OPS"}, {"name": "MDM_REPOSITORY_MGMT"} ] } ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.veza.com/4yItIzMvkpAvMVFAamTf/integrations/integrations/boomi.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.