OKTA¶
References:¶
Setup¶
After configuring the SCIM plugin, you can declare it in your Okta Admin console. Go to the Applications > Applications menu and click on the âCreate App Integrationâ button. Choose SWA - Secure Web Authentication and click on the âNextâ button.
Fill the form with the following values (you may adapt depending on your context):
App name: GLPI
Appâs login page URL: the index page of your glpi
App logo: provide a logo picture
App type: check âThis is an internal app that we have createdâ
Let the other fields as default and click on the âFinishâ button.
After the application has been created, youâll be redirected to the General Settings tab. You must edit the App settings section and check the Enable SCIM provisioning before saving your changes.
A new tab named Provisioning will appear. Click on it.
Edit the SCIM Connection section and fill the following fields:
SCIM connector base URL: the API url of your SCIM server you copied from the plugin configuration.
Unique identifier field for users:
id
Check all fields in the Supported provisioning actions section EXCEPT âImport Groupsâ one
Choose the Authentication mode you configured in the plugin configuration.
You can test you configuration and then save your changes.
Final steps, you must assign your application to your users:
In the Admin Console, go to Directory > People.
Click a user name in the Person & Username column.
Select the Applications tab.
Click Assign Applications.
Select applications from the list or enter the application name in the Search field.
Click [Assign] button.
Youâre done, your users will be provisioned in GLPI when they log in.
NOTE, it seems OKTA doesnât give any automatic way to assign users to an application.