How to configure SCIM provisioning for Okta

  1. Sign in to Okta with your admin account and open the Okta admin interface.
  1. In the Applications menu on the left, select Applications.
  1. On the Applications page click Browse App Catalog.
  1. In Browse App Integration Catalog search for and select SCIM 2.0 Test App (Oath Bearer Token).
  1. On the app page click Add.
  1. On the 1. General Settings tab, enter CondecoSCIM in the Application label box. Click Next.
  1. On the 2. Sign-On Options tab, select the appropriate sign-on method for your configuration – either SAML 2.0 or Secure Web Authentication. Click Done.
  1. On the Provisioning tab click Configure API integration.
  1. Tick Enable API Integration.
    1. In the SCIM 2.0 Base Url box enter your SCIM API URL.
    2. In the OAuth Bearer Token box enter your secret token generated from the SCIM Token Provider.
    3. Click Save to save the integration.
  1. The Provisioning tab now shows additional options in the menu on the left. Click To App from the menu on the left then click Edit to enable user operations for your SCIM integrations.
  1. Tick Create Users; Update User Attributes; and Deactivate Users, to enable the provisioning options. Click Save.
  1. On the Provisioning tab, scroll down to CondecoSCIM Attribute Mappings. Ensure the following mandatory attributes are set.
Mandatory attribute mappings:

  • Username
  • Given name
  • Family name
  • Primary email
Mandatory attributes
  1. Optional attributes: The Condeco SCIM also supports the following optional user attributes:
Optional attribute mappings:

  • Department
  • Preferred language
  • Cost Center
  • Country Code
  • Locality
  • Primary phone
  • Mobile phone (see steps below)
Optional attributes
  1. Remove any attribute mappings not required by clicking the X to the right.

Mobile phone attribute mapping (optional)

Before adding the mobile phone attribute mapping, check if it already exists and if so, delete it:

  1. From the CondecoSCIM Attribute Mappings page, click Go to Profile Editor.
  1. If mobilePhone attribute is listed, click the cross to delete it by clicking the X to the right then click Delete Attribute to confirm.

Now follow the steps to add the mobile phone attribute.

  1. From the Profile Editor, click Add Attribute and enter the following:
Mobile phone attribute settings:

  • Data type: string
  • Display name: mobile Phone
  • Variable name: mobilePhone
  • External name: phoneNumbers.^[type==mobile].value
  • External namespace: urn:ietf:params:scim:schemas:core:2.0:User
  1. Click Save. If an error is displayed, click Save again.
  1. Click Mappings.
  1. Click Okta User to CondecoSCIM tab.
  1. Scroll to the next available attribute box, select user:mobilePhone attribute from the dropdown list then map it to the mobilePhone string on the right. Click Save Mappings.

Congratulations! Your attribute mapping is complete and the app is now ready.


Was this helpful?

Yes No
You indicated this topic was not helpful to you ...
Could you please leave a comment telling us why? Thank you!
Thanks for your feedback.

Post your comment on this topic.

Please do not use this for support questions.
Condeco Support

Post Comment