Okta SCIM Setup

The Prerequisites

Before integrating Okta with SpotDraft, ensure the following:

  • Your organization has Single Sign-On (SSO) included in your SpotDraft subscription.
  • You have Admin access to the Security & Identity section in SpotDraft.
  • An existing Okta account is necessary.

Supported Features

SpotDraft currently supports the following provisioning features through Okta:

  • Create Users: Users assigned to the SpotDraft application in Okta are automatically added to your SpotDraft workspace.
  • Update User Attributes: Changes made to user profiles in Okta are reflected in SpotDraft.
  • Deactivate/Reactivate Users: You can deactivate or reactivate users in SpotDraft via Okta.

Unsupported Features

The following Okta provisioning features are not currently supported by SpotDraft, but may be available in the future:

  • Import Users: Users created in SpotDraft can be imported into Okta, either matching existing Okta users or adding new ones.
  • Import Groups: SpotDraft teams can be imported as groups in Okta.
  • Push Groups: Groups and their members from Okta can be pushed to SpotDraft as SpotDraft teams and team members.
  • Bidirectional Sync: SpotDraft does not support bidirectional sync with Okta at this time. Deleting users directly in SpotDraft won't sync back to Okta. Always deprovision users through Okta. For users added via SCIM, avoid deleting them directly in SpotDraft. If a user is deleted in SpotDraft, you must manually remove them from Okta. To recreate the account, first remove the user from Okta, then re-add them to SpotDraft through Okta.

Adding SpotDraft App to Okta

Skip this section if already completed.

Step 1:

If you haven’t already, sign into your Okta Administrative portal https://${yourOktaDomain}-admin.okta.com.

Step 2:

Once signed in, click Applications in the left-hand sidebar, and then Browse App Catalog near the top of the resulting page.

Step 3:

Search for “SpotDraft” in the search bar, and then click the SpotDraft integration from the results. Click the Add Integration button to add the SpotDraft integration to your Okta instance.


Configuring user provisioning with SCIM

Step 1:

Open SpotDraft to generate the SCIM credentials.

  • Navigate to the Provisioning tab under the ‘Security and Identity’ section.
  • Click on Generate SCIM Credentials.
  • Enter a Key Name for the credentials.
  • Copy the Base URL and Key.

Step 2:

  • Navigate to the SpotDraft app on Okta.
  • Click on Configure API Integration under the Provisioning tab.

Step 3:

  • Check Enable API Integration.
  • Paste the Base URL & Key generated from SpotDraft in the Base URL & API Token fields in Okta respectively.
  • Click on Save.

Step 4:

  • In the To App section under the Provisioning tab, make sure the following options are checked:
    • Create Users
    • Update User Attributes
    • Deactivate Users
  • Click on Save.

Step 5:

Now start Provisioning/Deprovisioning users to SpotDraft from the Assignments Tab.

 

Overriding User Name for SpotDraft in Okta

If you find that the name in the Okta Directory for a specific user is not what you need for a SpotDraft user, the global name in Okta can be overridden for the specific SpotDraft app in Okta while adding a user to SpotDraft.

Step 1: Override Name When Adding a User to SpotDraft

  • When adding a user to SpotDraft through Okta, override the user's name specifically for the SpotDraft application by entering the correct first and last name as required.

Copy of Screenshot template (1).png

Step 2: Edit Name Later if Necessary

  • If you need to edit the name later, follow these steps:
    • Go to the Assignments tab under the SpotDraft app in Okta.
    • Click on Edit for the specific user.
    • Update the name as per your requirements.
    • Save the changes to ensure the correct name is displayed in SpotDraft.

Copy of Screenshot template.png

 

For setting up SAML on Okta

Okta SAML Setup

Was this article helpful?

0 out of 0 found this helpful