The Prerequisites
Before integrating Okta with SpotDraft, ensure the following:
- Your organization has Single Sign-On (SSO) included in your SpotDraft subscription.
- You have Admin access to the Security & Identity section in SpotDraft.
- An existing Okta account is necessary.
Supported Features
SpotDraft currently supports the following provisioning features through Okta:
- Create Users: Users assigned to the SpotDraft application in Okta are automatically added to your SpotDraft workspace.
- Update User Attributes: Changes made to user profiles in Okta are reflected in SpotDraft.
- Deactivate/Reactivate Users: You can deactivate or reactivate users in SpotDraft via Okta.
Unsupported Features
The following Okta provisioning features are not supported by SpotDraft at this time, though they may be considered for future releases:
- Import Users: SpotDraft does not support importing users created in SpotDraft into Okta, either for matching with existing Okta users or adding new ones.
- Import Groups: SpotDraft teams cannot be imported as groups into Okta.
- Push Groups: Okta groups and their members cannot be pushed to SpotDraft as teams or team members.
- Bidirectional Sync: SpotDraft does not support syncing changes back to Okta. Deleting users in SpotDraft will not update Okta. All deprovisioning should be done through Okta to maintain consistency. If a user is deleted in SpotDraft, manual removal from Okta is required. To recreate the account, remove the user from Okta first, then re-add them to SpotDraft via Okta.
Adding SpotDraft App to Okta
Skip this section if already completed.
Step 1:
If you haven’t already, sign into your Okta Administrative portal https://${yourOktaDomain}-admin.okta.com
.
Step 2:
Once signed in, click Applications in the left-hand sidebar, and then Browse App Catalog near the top of the resulting page.
Step 3:
Search for “SpotDraft” in the search bar, and then click the SpotDraft integration from the results. Click the Add Integration button to add the SpotDraft integration to your Okta instance.
Configuring user provisioning with SCIM
Step 1:
Open SpotDraft to generate the SCIM credentials.
- Navigate to the Provisioning tab under the ‘Security and Identity’ section.
- Click on Generate SCIM Credentials.
- Enter a Key Name for the credentials.
- Copy the Base URL and Key.
Step 2:
- Navigate to the SpotDraft app on Okta.
- Click on Configure API Integration under the Provisioning tab.
Step 3:
- Check Enable API Integration.
- Paste the Base URL & Key generated from SpotDraft in the Base URL & API Token fields in Okta respectively.
- Click on Save.
Step 4:
- In the To App section under the Provisioning tab, make sure the following options are checked:
- Create Users
- Update User Attributes
- Deactivate Users
- Click on Save.
Step 5:
Now start Provisioning/Deprovisioning users to SpotDraft from the Assignments Tab.
Overriding User Name for SpotDraft in Okta
If you find that the name in the Okta Directory for a specific user is not what you need for a SpotDraft user, the global name in Okta can be overridden for the specific SpotDraft app in Okta while adding a user to SpotDraft.
Step 1: Override Name When Adding a User to SpotDraft
- When adding a user to SpotDraft through Okta, override the user's name specifically for the SpotDraft application by entering the correct first and last name as required.
Step 2: Edit Name Later if Necessary
- If you need to edit the name later, follow these steps:
- Go to the Assignments tab under the SpotDraft app in Okta.
- Click on Edit for the specific user.
- Update the name as per your requirements.
- Save the changes to ensure the correct name is displayed in SpotDraft.
For setting up SAML on Okta