ADP Connector

ADP is a leading provider of cloud-based human capital management solutions, including payroll processing, time and attendance tracking, benefits administration, and more. ADP Connector automates time-consuming tasks of data entry, record keeping, and training enrollment, increasing company compliance.

The ADP Connector is a Relational Database Management system (RDBMS) that allows users to crawl and profile the datasets such as Tables, Columns and helps build the data catalog and relationship.


Connector Capabilities

Functionality Supported Data Objects

Tables, Table Columns, View

Supported Data Types: String, Int, Sub Table.

Profiler Table profiling (Sample): Row Count, Column Count, View Sample Data


The prerequisites to establish a connection to ADP are as follows:

  1. ADP certificate
  2. Accessibility
  3. Service Account Permission
  4. Establish environment variables

ADP certificate 

  • ADP Certificate with .jks extension (private key file should be included).


A development app needs to be created in the ADP self-service portal. The APIs can be accessed from this development application. The scope of the development application needs to be updated if access is needed for more API (workers).

Service Account with Minimum Permissions

The following are the minimum privileges required for a service account user to crawl and profile the ADP connector.

Operation Minimum Access Permission
Connection Validation Read
Crawling Read
Profiling Read

Establish Environment Variables (Optional)

This section describes the settings or instructions that you should be aware of prior to establishing a connection. If your environments have been configured, skip this step.

Configure Environment Names

The Environment Names allow you to select the environment configured for the specific connector from the dropdown list in the Add Connector pop-up window.
You might want to consider crawling the same schema in both stage and production environments for consistency. The typical environments for crawling are PROD, STG, or Temporary, and may also include QA or other environments. Additionally, crawling a temporary environment can be useful for schema comparisons, which can later be deleted, especially during application upgrade assistance. 

Steps to Configure the Environment

  1. Navigate to Administration | Configuration. 
  2. Select the Connector tab.
  3. Find the Key name “connector.environment”.
  4. Enter the desired environment values (PROD, STG) in the value column. 
  5. Click ✔ to save. 

Establish a connection

To establish a Connection to MongoDB:

  1. Log in to the OvalEdge application
  2. In the left menu, click on the Administration module name, and click on the Connectors sub-module name. The Connectors Information page is displayed.
 3. Click on + New Connector. The Add Connector pop-up window is displayed




Connection Type

The selected connection type is displayed as ‘ADP’ by default. 

If required, the dropdown menu allows you to change the connector type and based on the selection of the connection type, the fields associated with the selected connection type are displayed.


The available authentication types for the ADP connector are:
  • Client Credentials
  • Instance Credentials 

For more information, refer to Section Additional Information

Connection Name

Enter a connection name for the ADP database. You can specify a reference name to identify their APD database connection in OvalEdge easily.

Example: ADP_accountsdb

License Add-Ons*

All the connectors will have a Base Connector License by default that allows you to crawl and profile to obtain the metadata and statistical information from a datasource. 

OvalEdge supports various License Add-Ons based on the connector’s functionality requirements.

  • Select the Auto Lineage Add-On license that enables the automatic construction of the Lineage of data objects for a connector with the Lineage feature. 
  • Select the Data Quality Add-On license to identify, report, and resolve the data quality issues for a connector whose data supports data quality, using DQ Rules/functions, Anomaly detection, Reports, and more.
  • Select the Data Access Add-On license that will enforce connector access via OvalEdge with Remote Data Access Management (RDAM) feature enabled

Client ID*

  • ADP client ID
  • Development app Client ID


The environment dropdown menu allows you to select the environment configured for the connector from the dropdown list. For example, PROD, or STG (based on the configured items in the OvalEdge configuration for the connector.environment).
The purpose of the environment field is to help you identify which connector is connecting what type of system environment (Production, STG, or QA).  
Note: The steps to set up environment variables in explained in the prerequisite section.

Client Secret*

Enter the ADP Client Secret / Dev app Client Secret

SSL Certificate Path

Enter the .jks file path, which is generated using Client Certificate and Private Key provided in the development app.

Store Password

If your Private Key is encrypted, provide the password in this field.

Key Password

Enter the Keystore password. If your JKS file is present in Keystore and Keystore path is provided above. 

Subscriber OOID*

If Client Credentials are selected, enter the subscriber OOID of ADP. If the Instance Credentials option is selected, Subscriber OOID is not needed.

Grant Type*

Client_credentials is the default.

Token Server URL*

Enter the URL or hit the default URL to fetch the Bearer Token.

API Server URL*

Enter the URL or hit the default URL to fetch the data from the ADP application.

Default Governance Roles*

You can select a specific user or a  team from the governance roles (Steward, Custodian, Owner) that get assigned for managing the data asset. 

Note: The dropdown list displays all the configurable roles (single user or a team) as per the configurations made in the OvalEdge Security | Governance Roles section. 

Admin Roles

Select the required admin roles for this connector.

  • To add Integration Admin Roles, search for or select one or more roles from the Integration Admin options, and then click on the Apply button. 
    The responsibility of the Integration Admin includes configuring crawling and profiling settings for the connector, as well as deleting connectors, schemas, or data objects.
  • To add Security and Governance Admin roles, search for or select one or more roles from the list, and then click on the Apply button. 
    The security and Governance Admin is responsible for:
    • Configure role permissions for the connector and its associated data objects.
    • Add admins to set permissions for roles on the connector and its associated data objects.
    • Update governance roles.
    • Create custom fields.
    • Develop Service Request templates for the connector.
    • Create Approval workflows for the templates.

No of archive objects*

It is the number of last modifications made in the metadata data of a Remote/source. By default, the number of archive objects is set to disable mode. Click on the Archive toggle button and enter the number of objects you wish to archive.

For example, if a user updates the count as 4, then the connection is crawled. It will provide the last 4 changes that occurred in the remote/source of the connector. Users can view these changes in the ‘version’ column of the ‘Metadata Changes’ module. 

Select Bridge

With the OvalEdge Bridge component, any cloud-hosted server can connect with any on-premise or public cloud data sources without modifying firewall rules. A bridge provides real-time control that makes it easy to manage data movement between any source and destination.

For more information, refer to Bridge Overview

4. Click on the Validate button to validate the connection details.

5. Click on the Save button to save the connection.  Alternatively, you can also directly click on the Save & Configure button that displays the Connection Settings pop-up window to configure the settings for the selected Connector. The Save & Configure button is displayed only for the Connectors for which the settings configuration is required. 

Note: * (asterisk) indicates the mandatory field required to establish a connection. Once all the parameters are entered, the user can validate the details and save the connection that will get displayed on the Connector Home page. 

Note: You can either save the connection details first, or you can validate the connection first and then save it. 

Connection Validation Errors 


Error Message(s)



Connection Timeout

Invalid credentials are provided or the server is not running.


Broken Pipeline

Due to heavy traffic. Hit the same API after some time to avoid errors.

Note: For any Connector issues, please contact our Customer Support  Management team.

Connector Settings 

Once the connection is established successfully, various settings are provided to fetch and analyze the information from the data source. The connection settings include  Crawler and Profiler. 

Connection Settings



Crawler settings are configured to connect to a data source and collect and catalog all the data elements in the form of metadata. 


It is the process of gathering statistics and informative summaries about the connected data source(s). Statistics can help assess the data source's quality before using it in an analysis. Profiling is always optional; crawling can be run without profiling also.

Note: For more information, refer to the Connector Settings.

The Crawling of Schema(s)

You can use the Crawl/Profile option, which allows you to select the specific schemas for the following operations: crawl, profile, crawl & profile, or profile unprofiled. For any scheduled crawlers and profilers, the defined run date and time are displayed to set. 
  1. Navigate to the Connectors page, and click on the Crawl/Profile option.
  2. Select the required Schema(s).
  3. Click on the Run button that gathers all metadata from the connected source into OvalEdge Data Catalog.

Note: For more information on Scheduling, refer to Scheduling Connector

Additional Information

The additional information includes various authentication types available for the ADP connection.

Client Credentials: Self-Service Portal

Self-Service Portal is also known as client credential. Typically, ADP client credentials include a client ID and a client secret, which are used in combination with other authentication protocols (such as OAuth) to ensure secure access to ADP's APIs and other services.

Instance Credentials

An ADP instance credential is a unique set of authentication credentials provided by ADP to clients for a specific instance of their software or service. These credentials are used to authenticate the client's identity when accessing that specific instance of the software or service.

Copyright © 2023, OvalEdge LLC, Peachtree Corners GA USA