Is there API available for Active Roles?

There are basically two main types of "API" integration possible with Active Roles:

1) A series of COM objects and associated methods for managing aspects of the configuration of the tool itself

This is covered in the SDK document that ships with the product.

2) "Controls" that can be specified when performing operations on AD objects through the tool using the Quest Powershell cmdlets

Relating to item 1 above, in simple terms these are additional instructions that can be sent to the AR Administrative service when asking it to perform AD management functions so that the tool can "react" to the transaction in some way.  A trivial example is logging the reason for an action in the AR management history:

Set-QADUser -proxy -identity jsmith -Description "New description text" -Control @{'operationreason'="Set by set_description script"}

When reviewing the jsmith object's change history in AR, you would see the "Set by..." message reflected in the change item for the description.

Note that you don't have to use Powershell commands to manipulate objects through Active Roles - you can leverage the product's installable ADSIProvider which in simplest terms, offers a method to bind to both AR Managed AD objects and if permissions permit, the configuration of the tool itself.

So, assuming you have the AR ADSIProvider installed, in your code where you might normally specify "LDAP://<server>/<object path>", you would use "EDMS://<server>/<object path>"

A third option is SPML but historically, this is something that has not been well documented or widely used.

On the "outbound" side, if you want AR to talk to other systems you can either implement custom code using Powershell or potentially leverage one of the many "connectors" available in the product's accompanying Sync Service component.

Hope this helps.

PS If you were to describe the type of integration you are looking to achieve, someone here might be able to point you in the right direction.

There are basically two main types of "API" integration possible with Active Roles:

1) A series of COM objects and associated methods for managing aspects of the configuration of the tool itself

This is covered in the SDK document that ships with the product.

2) "Controls" that can be specified when performing operations on AD objects through the tool using the Quest Powershell cmdlets

Relating to item 1 above, in simple terms these are additional instructions that can be sent to the AR Administrative service when asking it to perform AD management functions so that the tool can "react" to the transaction in some way.  A trivial example is logging the reason for an action in the AR management history:

Set-QADUser -proxy -identity jsmith -Description "New description text" -Control @{'operationreason'="Set by set_description script"}

When reviewing the jsmith object's change history in AR, you would see the "Set by..." message reflected in the change item for the description.

Note that you don't have to use Powershell commands to manipulate objects through Active Roles - you can leverage the product's installable ADSIProvider which in simplest terms, offers a method to bind to both AR Managed AD objects and if permissions permit, the configuration of the tool itself.

So, assuming you have the AR ADSIProvider installed, in your code where you might normally specify "LDAP://<server>/<object path>", you would use "EDMS://<server>/<object path>"

A third option is SPML but historically, this is something that has not been well documented or widely used.

On the "outbound" side, if you want AR to talk to other systems you can either implement custom code using Powershell or potentially leverage one of the many "connectors" available in the product's accompanying Sync Service component.

Hope this helps.

PS If you were to describe the type of integration you are looking to achieve, someone here might be able to point you in the right direction.