Skip to content

feat: Add Devolutions Server (DVLS) connector#3

Open
c1-dev-bot[bot] wants to merge 1 commit into
mainfrom
epd-1804/add-devolutions-connector
Open

feat: Add Devolutions Server (DVLS) connector#3
c1-dev-bot[bot] wants to merge 1 commit into
mainfrom
epd-1804/add-devolutions-connector

Conversation

@c1-dev-bot
Copy link
Copy Markdown

@c1-dev-bot c1-dev-bot Bot commented Mar 18, 2026

Summary

New ConductorOne Baton connector for Devolutions Server (DVLS) — a self-hosted Privileged Access Management (PAM) platform.

Resolves EPD-1804. Customer request from Connor Strong.

What it does

  • Syncs Users with full identity attributes (username, firstName, lastName, email, userType, authenticationType, isEnabled, isAdministrator)
  • Syncs User Groups with membership grants
  • Syncs Roles (permission sets: Contributor/Operator/Reader)
  • Syncs Vaults with permission-based access grants per user

Architecture

  • REST API client (pkg/client/) using Application Identity auth (appKey + appSecret)
  • Automatic token refresh on 5-minute expiry via /api/is-logged check
  • Page-number pagination via /api/v3/users, /api/v3/user-groups, /api/v3/vaults
  • Follows standard Baton connector patterns (ResourceSyncer interface, pagination.Bag)

Configuration

--server-url  Devolutions Server URL (e.g., https://dvls.example.com)
--app-key     Application Identity key
--app-secret  Application Identity secret

IGA Field Mapping

Field Source
Identity id (GUID), username, firstName, lastName, email
Org/ABAC userType, authenticationType, tags
RBAC Group memberships, vault access with permission sets
Lifecycle isEnabled, audit.createdDate, audit.modifiedDate

Test plan

  • Unit tests pass (go test ./... — 11 tests)
  • Build succeeds (go build ./cmd/baton-devolutions)
  • Integration test against DVLS instance with Application Identity credentials

feat: Add Devolutions Server (DVLS) connector
3ee81c8 
New ConductorOne Baton connector for Devolutions Server PAM.
Uses REST API with Application Identity auth (appKey/appSecret)
with automatic token refresh on 5-minute expiry.

Resources synced: Users, Groups, Roles (permission sets), and Vaults
with permission-based access (Contributor/Operator/Reader).

Resolves EPD-1804.
@linear
Copy link
Copy Markdown

linear Bot commented Mar 18, 2026

EPD-1804 Devolutions Connector

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants