Skip to main content
Skip table of contents

Okta configuration guide

Features

The Okta/Declaree Provisioning integration currently supports the following features:

  • Create Users

  • Update User Attributes

  • Deactivate Users

  • Import Users

  • Sync Password

  • Group push

  • Requirements

In order to configure Okta Provisioning with Declaree, you're encouraged to add a separate user account with administrative privileges. If you have more than one organisation, please add this account to the organisation which should be the default for users who are provisioned through this integration.
In order to sync groups, make sure the group name should be unique, otherwise the groups won't be linked

Step-by-Step Configuration Instructions

You’ll begin by enabling API Integration:

  1. Check the Enable API Integration box.

  2. For username and password, enter the credentials that belong to the (new) user account used provisioning.

mceclip0 (1).png

Test the API credentials before saving. When the test confirms a successful connection, save the settings.

To App

After setting up the API Integration, you will need to enable all options in the 'To App' page. The checkboxes for 'Create Users', 'Update User Attributes', 'Deactivate Users' and 'Sync Password' should all be checked. You are free to set your own password sync options, but our recommendation is to use the 'Sync a randomly generated password' option and to 'Generate a new random password whenever the user's Okta password changes'

Your settings should look like the following screenshot:

mceclip2.png

To Okta

The 'To Okta' page should be set to never import users from Declaree, when all user management occurs from the Okta system. Otherwise, specify the schedule to have identities synchronised between Declaree and Okta.

mceclip3.png

When all settings are saved, you can use the 'Assignments' tab to add users to Declaree.

 

Troubleshooting and Tips

To prevent users from seeing their Okta username where Declaree displays the users email address, please set the 'Application username format' to 'Email' in the Sign On tab.

If your API Credentials Test fails, please check your credentials by doing a normal web login using the provisioning account credentials. If this fails, please reset the password. In any case, feel free to contact support if you have any questions.

  • This integration with Okta is only available to accounts that have the SCIM module enabled. See pricing and plans or contact us to learn more.

 

 

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close