Integrating with Okta
Satori provides you with the ability to integrate with Okta, a secure identity cloud that links all your apps, logins and devices into a unified digital fabric. Ensure that you have first setup the SCIM integration in Satori according to the following instructions:
Before you Start - Setup the SCIM Protocol
Satori integrates with identity providers to manage users and groups via the SCIM protocol.
SCIM - A System for Cross-domain Identity Management is a protocol for user management across multiple applications. It allows an IT or Operations team to easily provision (add), de-provision (deactivate), and update user data across multiple applications at once.
Setting up SCIM in Satori
To set up the SCIM integration in the Satori Management Console, perform the following steps:
- Go to the Satori management console and select the Settings from the kabab menu.
- Now, select the Integration view and click on the SCIM Integration tile.
-
Click the Generate Access Token button.
NOTE: Remember to save the Provisioning URL and the SCIM Access Token as you will require them in order to complete the SCIM integration.
-
Your Satori SCIM integration should now appear as an active integration tile in Satori.
- Now select your IP and continue the integration process accordingly.
Note: If you want to enable your SSO login to access Satori then refer to the following section in the SSO documentation Satori SSO Documentation. You can use the same app that you created for the SSO integration for your SCIM integration.
Okta Integration - Step 1
To integrate Okta with Satori you can use an existing Okta application or create a new one. To create an integration between Okta and Satori perform the following steps:
-
Create a new Okta application by following the Adding Okta application instructions with Admin Dashboard.
-
Now that you have successfully created your Okta (SAML) application now you must configure it to integration with Satori utilizing the SCIM protocol.
- Now click the General Tab and press the Edit button in the App Settings section.
- Enable SCIM provisioning and the Save button.
- Now go to the Provisioning Tab and click the Edit button.
- Enter the Provisioning URL for Satori into the SCIM connector bass URL input field.
- Enter the value userName into the unique identifier field for users input field.
- Now checkbox the following options: Push New Users, Push Profile Updates and Push Groups
- Now, select the HTTP Header list item in the Authentication Mode drop menu.
- Copy the Satori SCIM access token into the Authorization input field.
- Now press the Test Connector Configuration button.
- Once you have successfully verified the connection click Save.
- Test and verify the Connector Configuration ensuring that the provisioning features were detected correctly.
Okta Integration - Step 2
Now that you have successfully created the SCIM to Satori integration you need to enable user and group provisioning in Okta.
- Select the Provisioning Tab in the application that you just created.
- Click the Edit button and enable the Create Users, Update User Attributes and Deactivate Users provisioning options.
- Click Save.
Syncing Okta Users with Satori
To synchronize Okta users with Satori, perform the following steps:
- Select the Assignments tab
- Select the Assign to People option from the Assign drop menu list.
- Assign the relevant users in the popup dialog. Scroll to the bottom of the dialog and Save and Go Back.
- Click DONE
Existing Users
If you have existing users, then perform the following steps:
- Select the Assignments tab
- Click the Provision User button.
- Click the OK button.
Note: When assigning a group in the newly created Okta application, its members are synced to Satori but the group entity is not. To sync the group to Satori, follow the next set of steps.
Syncing Okta Groups with Satori
To synchronize Okta groups with Satori, perform the following steps:
- Select the Push Groups tab.
- Select the Find Groups by Name option from the Push Groups drop menu list.
- Now enter the name of the Okta group that you want to sync with Satori.
- Now select the Create Group option from the Create Group menu button.
- Click the Save button.
Note: Okta limitation: Using the same Okta group for assignments and for group push is not supported.
Using the same Okta group for assignments and for group push is not supported