All Collections
Administration
Federated Identity
Okta App SCIM Configuration Guide
Okta App SCIM Configuration Guide
Updated over a week ago

In this article:


Features

When SCIM provisioning is enabled in the Xakia Okta app, the following provisioning features are supported by Xakia:

  • Create users: Users in Okta that are assigned to the Xakia application in Okta are automatically added as members to your Xakia location

  • Update user attributes: Updating user attributes in Okta will update their attributes in Xakia

  • Deactivate users: Users that are removed from the Xakia application in Okta or deactivated in Okta are deactivated in Xakia

Requirements

Complete the steps here to install the Xakia App and configure OIDC authentication.

This integration is offered to all Xakia customers.

Step-by-step configuration instructions

Step 1: Xakia

  • Click on 'Admin' in the top navigation menu

  • Click on 'Security' in the left hand menu

  • Click on the 'Federated Identity' tab

  • Choose Okta

okta1.png
  • Note down both the ‘SCIM Base URI’ and ‘SCIM API Key’ fields. Generate a new API key if one is not shown

mceclip0.png

Step 2: Okta

  • Browse the app catalogue in Okta and search for Xakia and add the Xakia app

  • This Application is in addition to the Application added in the OIDC configuration. You will have two Applications once configuration of this one is complete.

  • Open the Xakia app in Okta and go to the 'Provisioning' tab

  • Select 'Configure' and then enable the API Integration

  • Enter the SCIM details from Xakia as noted in the previous step

blobid5.png
  • Press test as a check, and then save

  • Now that the API is configured, enable the features by going to Provisioning --> To App. Click 'Edit' and select enable for creating, updating and deactivating users and press 'Save'

  • Go to 'Assignments' and click the 'Assign' button and ‘Assign to People’. Only Xakia main application users should be added. Internal client users do not require access to this application.

  • Users that are assigned to the Xakia app will be added to Xakia

  • Once 'added' to Xakia, each new Xakia user must be 'invited' by clicking the 'invite' button in Xakia. Existing Xakia users do not need to be re-invited and will be converted to use Okta when signing in

Troubleshooting and tips

The configuration will need to be completed for each of your Xakia locations. To do this, you will need to add a Xakia application for each location and complete the SCIM configuration. The OIDC configuration is to be completed only once.

When users are deactivated in Okta, they will be deactivated in Xakia. Users will not be able to log in to the application, but their data will remain available as an 'inactive user'.

When querying users, only the following properties will be returned:

  • Identifier

  • Active

  • External Identifier

This is a current limitation due to the distributed nature of the system.

You can set up Single Sign On (SSO) by following the instructions in this article.

Note: Internal Client Portal users must be assigned to the OIDC app in Okta to be automatically provisioned. They should not be assigned to the SCIM application.

Did this answer your question?