Configuring Okta SCIM v2.0
Learn about syncing your user list with Okta SCIM v2.0
Introduction
This guide outlines how to synchronize your application's Okta directories using SCIM v2.0
To synchronize an Enterprise's users and groups provisioned for your application, you'll need to provide the Enterprise with two pieces of information:
- An Endpoint that Okta will make requests to.
- A Bearer token for Okta to authenticate its endpoint requests.
Both of these are available in your Endpoint's Settings in the Developer Dashboard.
Steps 2, 3, and 4 below will need to be carried out by the Enterprise when configuring your application in their Azure AD instance.
1
Click "Add new endpoint".
Input your Enterprise's name, and select "Okta SCIM v2.0" from the dropdown.
Then, click "Create endpoint."
We have support for whitelabeled URLs for Directory Sync endpoints. Contact us for more info!
2
In your application's Enterprise Okta admin panel, click the "Provisioning" tab.
Then, click "Configure API Integration" and check "Enable API Integration".
After that, copy and paste the Endpoint from your Developer Dashboard in the SCIM 1.1 Base URL field.
Then, copy and paste the Bearer Token from your Developer Dashboard into the OAuth Bearer Token field.
Click "Test API Credentials".
Click "Save".
4
In the "Assignments" tab, from the "Assign" dropdown, select:
"Assign to People" and then select users to provision. Press "Save and go back" and then witness realtime changes in your WorkOS Developer Dashboard.
In the "Push Groups" tab, from the "Push Groups" dropdown, select:
"Find Groups by Name" and select groups to provision. Check "Push immediately" and click "Save". Witness realtime changes in your WorkOS Developer Dashboard.