SCIM Configuration with Okta

Updated 2 days ago by Andrew White

This article will explain how to setup SCIM with your IdP. Before enabling SCIM, you must first enable SSO. For information on how to enable Single Sign On, read more here.

SSO is available for users on Spoke's Plus plan.

Spoke API token

To turn on SCIM, log into Spoke. You will need to be a Spoke admin to make these changes.

  1. Navigate to Settings
  2. Click the "SSO" tab
  3. Turn the "Provision Users with SCIM" toggle to on
  4. Select "Generate a token" to generate an API token. Copy this API Token.

Okta configuration

Log into Okta, and navigate to "Applications" to search your active applications for "Spoke"

  1. Click the "Provisioning" tab
  2. select "API Integration" from the left menu.
  3. Click "Configure API integration"
  4. Click the "Enable API Integration" checkbox
  5. Paste the API Token copied in Section 1 into this field
  6. Click Save

Provisioning features

Click the "To App" tab on the left menu. Select the provisioning features you wish to enable, and select Save.

  • Create Users: Enable this if you would like to create or link a user when assigning the app to a user in Okta
  • Update User Attributes: Enable this if you would like Okta to update user profiles in Spoke. If this is enabled, Okta will overwrite user details in Spoke.
  • Deactivate Users: Enable this if you would like a user's Spoke account to be deactivated when it is unassigned in Okta, or when their Okta account is deactivated.

SCIM can be used to update the following attributes
  • Display name
  • Job title
  • Email
  • Joined teams
  • Manager name
  • Manager email
  • Employee Type
  • Location
  • Department
  • Start Date

Assigning the app

Select the "Assignments" menu on the right side.

Make sure to assign the app to yourself first.

From the Assignments menu, select "Assign" then choose "Assign to People" or "Assign to Group"

Choose the people or groups you'd like to assign by selecting the "Assign" button on the right side.

Select "Save and Go Back"

Confirm

Navigate back to Spoke and check the user's profile to make sure that the user you assigned was updated. You will see the user you just added to Okta created as a user in Spoke.

You can also navigate to the SSO tab and check the bottom of the page. If SCIM is connected you will see the last time Okta sent an update to Spoke.


How did we do?