SCIM is an open standard for automating user provisioning across domains, reducing the time and complexity typically associated with onboarding.

In order to set up SCIM on Security Journey with Okta, you will need:

Our SCIM Integration support the following features:

For more information on the listed features or terms, visit the Okta Glossary.

1. Login to Okta with your Admin account, navigate to Applications

2. Click "Create App Integration"

​3. Choose "SAML 2.0"

4. Give the App a name

5. App visibility > Check "Do not display application icon to users"
​

6. Under the SAML settings > General > Single sign-on URL > enter placeholder or dummy URL

7. Then click "Next"
​

8. Answer Okta's Feedback Question > Check "This is an internal app that we have created"
9. Navigate to General > Edit > Click SCIM > Save
​

10. A new Provisioning tab will appear, from here click Edit

11. Login to Security Journey > More > Admin > Settings > SCIM

12. Generate new SCIM Token and copy

13. Copy SCIM API URL
​

14. Go back to Okta and enter SCIM API URL and paste Auth Token as seen below:
​

15. You will need to test the connection by clicking the "Test Connector Configuration" at the bottom of the page. If it's successful, you will see this message:
​

16. Once saved, you should see these settings. Under To App, check the following settings: Create Users, Update User Attributes & Deactivate Users.

17. Finally, we recommend assigning a test user or small group of users to the application and verify synchronization via Okta logs:

18. Once you've successfully tested, you can update the group assignment as needed.

Our application doesn't support capitalization within email addresses and they will be normalized to lower case. If this is a requirement within your IdP or Active Directory, you may need to adjust the emailAddress that you are sending to us as the primary user identifier.