Okta SSO and SCIM
  • 02 Sep 2024
  • 1 Minute to read
  • Contributors
  • Dark
    Light

Okta SSO and SCIM

  • Dark
    Light

Article summary

SSO Configuration with Okta

Step 1: Creating an App

  • Go to the Applications section of your Okta admin console and click Create App Integration.

  • Select SAML 2.0 and click Next.

Step 2: General Settings

  • Name your app, Unleash IT, and upload the provided logo below.

    unleash_icon_purple_png
    4.12 KB


  • Mark your app as Do not display application icon to users and Do not display application icon in Okta Mobile App.

Step 3: SAML Settings

  • Fill in the Single sign-on URL provided to you by the Unleash representative.

  • Fill in the Audience URI to be unleash-tech .

  • Fill in the Default RelayState to be initiator=Idp&returnUrl=https://app.unleash.so/signin .

  • Under Attribute Statements, fill in the following attributes mapping:

    • Please note that the user.id may not be in the dropdown but you can fill it manually.

firstName

user.firstName

lastName

user.lastName

email

user.email

userId

user.id

Step 4: Finish

  • On the last page of the app creation wizard, mark your app as an internal app.

  • After the app is created, copy the Identity Provider Metadata URL and send it to your Unleash representative to finish the SAML setup.

SCIM Configuration with Okta

  1. Set up a SAML app in Okta.

  2. Under the General tab, click on Enable SCIM provisioning.

  1. Under the Provisioning tab, navigate to Settings -> Integration and fill in the following fields:

    • SCIM connector base URL

      • Enter the following URL: https://okta-scim.unleash.so

    • Supported provisioning actions

      Please select the following checkboxes:

      • Push new users

      • Push Profile Updates

      • Push Groups

    • Authentication Mode

      Enter the following field: HTTP Header

    • Configure Authorization

      #Enter the token generated by your Unleash representative

  1. Under the Provisioning tab, navigate to Settings -> To App and edit and enable the following options:

  1. Under the Assignments tab, assign groups for provisioning.

  1. Under Push Groups, click on the Push Groups button. Then, add the group by either name or rule to initiate push provisioning.

If you require further assistance, feel free to contact your Unleash point of contact or email us at support@unleash.so.


Was this article helpful?

What's Next
Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.