Configuring SCIM with Okta
The following provisioning features are supported:
Push New Users
- New users created through OKTA will also be created in the third party application.
- The default
timezonefor new users will be the account time zone (set in your ScreenSteps account settings).
- The default
User typewill be set to
readerif no User type is set.
Push Profile Updates
- Updates made to the user's profile through OKTA will be pushed to the third party application.
Push User Deactivation
- Deactivating the user or disabling the user's access to the application through OKTA will deactivate the user in the third party application.
- Groups and their members can be pushed to remote systems.
- User accounts can be reactivated in the application.
Before you configure provisioning for ScreenSteps in Okta, make sure that you have configured your Single Sign-On options in ScreenSteps.
Search for ScreenSteps in the App directory and select Add.
Enter your ScreenSteps account name (from your ScreenSteps URL) in the Site Name field and then select Done.
Get the SCIM URL and API Token from ScreenSteps
- Select Account Settings
- Select API Tokens
- If you don't already have an API token select Create API Token
- Copy the token
Enter Credentials in Okta
- Go to Provisioning in the ScreenSteps App
- Select Configure API Integration
- Select Enabled API Integration
- Enter the ScreenSteps API Token in the OAuth Bearer Token field
- Select Test API Credentials
If the test succeeds then select Save. If it does not succeed then make sure that you copied the correct values from ScreenSteps.
If you set a User Type for a group, then any user that is added to that group will have their role updated in ScreenSteps. Available roles are:
- learner (only available on ScreenSteps training plans)
- reader (default)
Remember that the total number of admin, editor and learner accounts will need to stay within the limits of your ScreenSteps plan. You can have unlimited reader users.
Select Users > Groups
- Select Apps
- Select the edit icon for the ScreenSteps app
Set the User type
- Enter a value of admin, editor, learner or reader (Time zone is not required).
- Select Save
If you enter an incorrect User type in Okta the error message you will receive will not be very specific. It may only say:
Bad Request: Errors reported by remove server.
If you see this error, please make sure that you have set the User type to one of:
If you set it to a
learner User type then make sure that your account allows learners. You can contact email@example.com for assistance.