SCIM provisioning with Okta

Take advantage of Okta’s Provisioning feature to grant access to Ziflow to your users automatically.

Updated over a week ago

The integration between Okta and Ziflow that enables this provisioning is built around an industry-standard protocol known as SCIM (System for Cross-domain Identity Management). Please see this article to learn how Okta works with SCIM.

The remainder of this guide is focused on enabling you to configure both Ziflow and Okta to get provisioning up and running for your organization.


Prerequisites

SCIM-based user provisioning is available to Enterprise customers.

Before you set up SCIM in your Okta admin dashboard, please follow the guide on configuring the Okta SAML SSO connection with Ziflow.

Configuring SSO requires having admin access to the Ziflow account.



Supported provisioning actions


Ziflow supports the following provisioning features at present:

  • Push Users. Users in Okta who are assigned to the Ziflow application in Okta may be added as members to your account in Ziflow.

  • Import Users. Users created in Ziflow can be imported into Okta and either matched against existing Okta users or created as new Okta users.


Configuring SCIM

Steps to be actioned in the Ziflow application:

  1. Sign in to your Ziflow account with an account that has admin rights.

  2. Open your user profile and copy the API key from it.


Steps to be performed in the Okta admin portal:

  1. Log in to Okta and add Ziflow to your applications list.

    Add ziflow application to your Okta apps directory


  2. Click on the Provisioning tab from the application and then Configure API integration.


    Configure API integration in Okta

  3. Select Enable API integration.

    Enable API integration in Okta

  4. Enter the API key copied from your Ziflow account.

    Enter the API key copied from your Ziflow account

  5. Click on the Test API Credentials button, which will verify the entered key. If the test passes, select Save.

    Test API Credentials in Okta

  6. Select To App in the left panel, then select the Provisioning Features you want to enable.

    Select To App in the left panel, then select the Provisioning Features you want to enable.

Note: Please make sure to select Email for the Application username format on the Sign On application tab in Okta.

Credential details in Okta


Assign users to the Ziflow application in Okta.

  1. In Okta, click the Assignments tab of the Ziflow application:

  2. Select Assign, then People. Select the team members you'd like to assign to the Ziflow application.

    Select the team members you'd like to assign to the Ziflow application.


Known Issues/Troubleshooting

  • We currently do not support the following provisioning actions: pushing profile updates, pushing groups, or importing groups.

Did this answer your question?