The integration between Okta and Ziflow that enables this provisioning is built around an industry-standard protocol known as SCIM (System for Cross-domain Identity Management). Please see this article to learn how Okta works with SCIM.
The remainder of this guide is focused on enabling you to configure both Ziflow and Okta to get provisioning up and running for your organization.
Prerequisites
SCIM-based user provisioning is available to Enterprise customers.
Before you set up SCIM in your Okta admin dashboard, please follow the guide on configuring the Okta SAML SSO connection with Ziflow.
Configuring SSO requires having admin access to the Ziflow account.
Supported provisioning actions
Ziflow supports the following provisioning features at present:
Push Users. Users in Okta who are assigned to the Ziflow application in Okta may be added as members to your account in Ziflow.
Import Users. Users created in Ziflow can be imported into Okta and either matched against existing Okta users or created as new Okta users.
Configuring SCIM
Steps to be actioned in the Ziflow application:
Sign in to your Ziflow account with an account that has admin rights.
Open your user profile and copy the API key from it.
Steps to be performed in the Okta admin portal:
Log in to Okta and add Ziflow to your applications list.
Click on the Provisioning tab from the application and then Configure API integration.
Select Enable API integration.
Enter the API key copied from your Ziflow account.
Click on the Test API Credentials button, which will verify the entered key. If the test passes, select Save.
Select To App in the left panel, then select the Provisioning Features you want to enable.
Note: Please make sure to select Email for the Application username format on the Sign On application tab in Okta.
Assign users to the Ziflow application in Okta.
In Okta, click the Assignments tab of the Ziflow application:
Select Assign, then People. Select the team members you'd like to assign to the Ziflow application.
Known Issues/Troubleshooting
We currently do not support the following provisioning actions: pushing profile updates, pushing groups, or importing groups.