Skip to main content

Okta Setup Guide

  • Updated

 

Please follow the steps below to set up SCIM (System for Cross-domain Identity Management) to provision users in Wisq. Once connected, user provisioning will be automatically managed based on assignments in Okta. If you have any questions about these steps, please contact your Wisq Customer Success Manager for assistance.

Prerequisites

Before you begin, ensure you have:

  • Admin access to your Okta tenant

You will be provided the following by Wisq via Proton Mail:

  • SCIM connector base URL
  • Client ID
  • Client Secret
  • SCIM Username
  • SCIM Password
  • Access token endpoint URI
  • Authorization endpoint URI

Setup Steps

1. Enable SCIM Provisioning in Okta

  • Log into your Okta Admin Console
  • Navigate to ApplicationsApplications
  • Find and click on your Wisq application
  • Click on the General tab
  • In the Provisioning section, click Edit
  • Select SCIM as the provisioning method
  • Click Save

2. Configure SCIM Provisioning

  • Navigate to Provisioning > Integration
  • Click Edit in the SCIM Connection section
  • Enter the provided SCIM connector base URL
  • Select OAuth 2 for the authentication mode
  • Set the Unique identifier field for users to userName
  • Check Push New Users and Push Profile Updates
  • Set Authentication Mode to OAuth 2

3. Configure OAuth 2 Authentication

  • Enter the provided Access token endpoint URI
  • Enter the provided Authorization endpoint URI
  • Enter the provided Client ID 
  • Enter the provided Client Secret
  • Click Save

4. Authenticate the SCIM Connection

  • After clicking Authenticate with Wisq a pop up window will appear asking you to log in. Enter the credentials provided via Proton
  • Click Sign in
  • If prompted, click Allow or Authorize to grant permissions. You should see a success message confirming the connection

5. Enable Provisioning Actions

  • In the Provisioning tab, click To App in the left sidebar
  • Click Edit in the provisioning settings
  • Enable Create Users, Update User Attributes, Deactivate Users
  • Click Save

6. Define Mappings

Okta will auto-map common fields (e.g., userName, givenName, familyName, email, etc). The more info you send via SCIM, the better equipped Harper is at answering user questions. We recommend sharing these standard attributes:

  • First name (Given Name)
  • Last name (Family Name
  • Email (Primary Email)
  • Job title (Title)
  • Street Address (addresses.streetAddress)
  • City (addresses.locality)
  • State (addresses.region)
  • Country Code (addresses.country)
  • Cost Center (user.costCenter)
  • Full Time / Part Time (user.userType)

In Provisioning > To App you’ll see Attribute Mappings. Please verify all the attributes above are present, and add them if any are missing. If any of these don’t automatically appear, or you have any questions, please let us know!