About SCIM provisioning for Okta
Introduction to Okta Automated Provisioning with SCIM
Using Okta as your identity provider enables efficient provisioning and management of your organization’s users in Condeco. The Condeco SCIM integration allows Okta to serve as a single identity manager for adding and removing users, and for provisioning user groups.
Our SCIM integration supports SCIM version 2.0.
See also https://www.okta.com/integrations/condeco-scim-provisioning/
About this guide
The SCIM provisioning for Okta guide is written for administrators and assumes familiarity with Okta; basic identity management concepts; and the SCIM standard.
The key steps are provided, however, this is not a comprehensive guide. For utilizing the full potential of SCIM, please refer to the SCIM 2.0 protocol specification http://www.simplecloud.info/#Specification.
Prerequisites
The following is required to set up the Condeco SCIM application in Okta.
- Admin permissions to your Okta organization’s account.
- Condeco SCIM API URL e.g.
https://<CONDECO-SCIM-Domain>/scim/api/V1/ - Long-lived SCIM token generated from SCIM Token Provider (up to 10 years).
Supported actions
When the SCIM integration between Okta and Condeco is ready, the following actions performed from Okta are also be applied to the users in Condeco.
| Action in Okta | Notes |
|---|---|
| Create users | Condeco requires a unique username for each user. If the username already exists in Condeco, the SCIM User creation is rejected by our SCIM API. |
| Delete users | |
| Update user attributes | Any update attributes applied to users in Okta are automatically updated on the corresponding Condeco user account. |
| Deactivate Users | Deactivating a user or disabling a user’s access to Condeco through Okta, deactivates the user in Condeco. |
| Push Group | Push group automatically creates a corresponding group in Condeco. Any group members (who exist in Condeco) are automatically mapped to the Condeco group (if ‘Push group memberships immediately’ option is ticked. |