Setting up SCIM on Okta

These instructions are for reference only. Company-specific security policies and best practices should be considered when implementing a SCIM integration. These instructions cover the configuration of SCIM on the IdP's side and contain IdP-specific details.

This article details how to set up SCIM on Okta for user provisioning to Haiilo. In this article, we assume you are using the same application for SCIM as you use for SSO. You can view instructions for setting up SSO in Okta in Setting up SSO on Okta.

The general instructions and important information for setting up SCIM on Haiilo can be found in the Managing users with SCIM provisioning article. Please review the article before completing the setup.

Set up SCIM on Okta

You need admin rights in your Okta account to set up SCIM.

Establish the connection

  1. Log in to the Okta Platform.
  2. Go to Applications
  3. Find and select the application you created when setting up SSO for Haiilo
  4. Select Provisioning > Configure API integration
  5. Check Enable API integration and enter the API Token. You can find information on obtaining these in Managing users with SCIM provisioning.
  6. Select Test API credentials
  7. If the connection is successful, select Save

API integration setup on Okta.png

Edit mappings

  1. Scroll down to Haiilo Attribute Mappings
  2. Define Target Object Actions. We recommend using all actions, Create, Update, and Delete.
  3. Decide which profile fields you want to map for users. You can see a list of supported attributes in Managing users with SCIM provisioning.
  4. Remove all unsupported attributes or attributes you don't want to map. If you don't remove them, they can cause undesirable side effects in the platform.

Below is an example of how the attribute mappings can look like:

Example attribute mappings in Okta

Enable provisioning

  1. In the Provisioning to App section, select Edit
  2. Define which actions you want to enable. We recommend using all actions, Create, Update, and Deactivate.
    • Note! Deactivating a user will delete their Haiilo user account. Deleted accounts cannot be restored. They have to be re-created as new users.
  3. Select Save

The initial cycle will run shortly after that and any new users will be created on the platform. To provision previously assigned users, select Assignments > Provision user.

Example provisioning of user from Okta to Haiilo.png

Was this article helpful?