Instructions to Setup Okta SSO & SCIM

Follow the instructions below:

Alternatively, you may book a call with us (contact number or link of the page that has contact details), and we’ll be happy to walk through the setup with you. 

Be sure to invite your Okta Admin.

 

Contents 

  1. Prerequisites
  2. OIDC Supported Features
  3. SCIM Supported Features
  4. Configurations Steps
  5. SP-Initiated SSO
  6. Notes

 

Prerequisites

  • Admin access to an Okta org.

 

OIDC Supported Features 

  • Service Provider (SP)-Initiated Authentication (SSO) Flow:
    This authentication flow occurs when the user attempts to log in to the application from IntegriShield.

 

SCIM Supported Features 

  • Create users
  • Update user attributes
  • Deactivate users
  • Import users
  • Import groups
  • Group push

 

OIDC & SCIM Configuration Steps

  • In Okta, Go to Applications >> Browse App Catalog, and search and add IntegriShield application.
  • Assign the users or groups that should be able to log into the new IntegriShield integration.
  • Go to the IntegriShield App >> Sign-On tab and note Client ID and Client Secret.
  • Now contact Integrishield support with the following information:
    • Your Okta Domain (similar to acme.okta.com)
    • Client ID
    • Client Secret
  • The customer support representative will use above information to create the new tenant on the app. The newly created tenant will be mapped over a new sub-domain on integrishield.com for example acme.integrishield.com.
  • Customer support will provide you the following
    • Newly mapped sub-domain: which you can enter in the Sub-Domain field under your Okta app settings
    • SCIM token:  which you have to enter in the Token field under Provisioning tab.
  • Also check and save following features in the provisioning area.
    • Create users
    • Update user attributes
    • Deactivate users
    • Import users
    • Import groups
    • Group push

Note: Here acme is an example organization name used for illustrative purpose.

SP-initiated SSO

Once the Okta SSO is setup, users of the IntegriShield account can login as usual: 

  • Go to https://acme.integrishield.com.
  • It will redirect you to Okta.
  • Login with the user added in Okta application.

 

Notes

Once enabled, users can only log into the IntegriShield account through Okta. Old passwords will no longer work for existing users.