Skip to main content
Skip table of contents

Configure Okta Provisioning for Declaree

The Okta/Declaree provisioning integration allows you to automate user management between the two platforms.

Supported Features

The integration currently supports:

  • Create Users

  • Update User Attributes

  • Deactivate Users

  • Import Users

  • Sync Passwords

  • Group Push

Requirements

Make sure you have:

  • A separate administrator account in Declaree for provisioning.

  • If you manage multiple organizations, add this account to the parent organization (the default for provisioned users).

  • Unique group names in Declareeā€”otherwise groups wonā€™t sync correctly.

Setup Steps

1. Enable API Integration in Okta

  1. In Okta, open API Integration.

  2. Select Enable API Integration.

  3. Enter the username and password of your provisioning admin account.

mceclip0 (1).png

  1. Click Test API Credentials.

    • If the test succeeds, click Save.

    • If it fails, check the credentials by logging into Declaree directly. Reset the password if needed.

2. Configure ā€œTo Appā€ Settings

  1. Go to the To App page in Okta.

  2. Enable the following:

    • Create Users

    • Update User Attributes

    • Deactivate Users

    • Sync Passwords

  3. Recommended password settings:

    • Sync a randomly generated password

    • Generate a new password whenever the userā€™s Okta password changes

mceclip2.png

3. Configure ā€œTo Oktaā€ Settings

  1. Go to the To Okta page.

  2. Set Import Users to Never if all user management occurs in Okta.

    • Alternatively, specify a sync schedule if identities need to be imported from Declaree.

mceclip3.png

4. Assign Users

  • Go to the Assignments tab.

  • Add users who should be provisioned to Declaree.

With these steps complete, your Okta provisioning with Declaree is ready to use.

Troubleshooting and Tips

  • Email vs Username

    • To avoid showing Okta usernames where Declaree expects email addresses, go to the Sign On tab and set Application username format to Email.

  • Failed API Test

    • If the API credentials test fails, try logging in manually with the provisioning account.

    • If login fails, reset the password and re-test.

  • SCIM Module Required

    • This integration is available only for accounts with the SCIM module enabled. Contact our team for more information.

 

 

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close