In this article:
When SCIM provisioning is enabled in the Xakia Okta app, the following provisioning features are supported by Xakia:
- Create users: Users in Okta that are assigned to the Xakia application in Okta are automatically added as members to your Xakia location
- Update user attributes: Updating user attributes in Okta will update their attributes in Xakia
- Deactivate users: Users that are removed from the Xakia application in Okta or deactivated in Okta are deactivated in Xakia
Complete the steps here to install the Xakia App and configure OIDC authentication.
This integration is offered to all Xakia customers.
Step-by-step configuration instructions
Step 1: Xakia
- Click on 'Admin' in the top navigation menu
- Click on 'Security' in the left hand menu
- Click on the 'Federated Identity' tab
- Choose Okta
- Note down both the ‘SCIM Base URI’ and ‘SCIM API Key’ fields. Generate a new API key if it is not shown
Step 2: Okta
- Browse the app catalogue in Okta and search for Xakia and add the Xakia app
- This Application is in addition to the Application added in the OIDC configuration. You will have 2 Applications once configuration of this one is complete.
- Open the Xakia app in Okta and go to the 'Provisioning' tab
- Select 'Configure' and then enable the API Integration
- Enter the SCIM details from Xakia as noted in the previous step
- Press test as a check, and then save
- Now that the API is configured, enable the features by going to Provisioning --> To App. Click 'Edit' and select enable for creating, updating and deactivating users and press 'Save'
- Go to 'Assignments' and click the 'Assign' button and ‘Assign to People’. Only Xakia main application users should be added. Internal client users do not require access to this application.
- Users that are assigned to the Xakia app will be added to Xakia
- Once 'added' to Xakia, each new Xakia user must be 'invited' by clicking the 'invite' button in Xakia. Existing Xakia users do not need to be re-invited and will be converted to use Okta when signing in
Troubleshooting and tips
The configuration will need to be completed for each of your Xakia locations. To do this, you will need to add a Xakia application for each location and complete the SCIM configuration. The OIDC configuration is to be completed only once.
When users are deactivated in Okta, they will be deactivated in Xakia. Users will not be able to log in to the application, but their data will remain available as an 'inactive user'.
When querying users, only the following properties will be returned:
This is a current limitation due to the distributed nature of the system.
If you have any further questions or need assistance with your Xakia/Okta integration, please get in touch with the Support team here or email firstname.lastname@example.org.