SCIM Provisioning using Okta
Learn how to provision SCIM using Okta
The System for Cross-domain Identity Management (SCIM) user management API enables automatic provisioning of users between the Code Ocean platform and Okta.
Setting up Groups is the best way to ensure that new users will have all relevant Capsules, Data, and Pipelines available to them when they join, and that there will be no lost assets when team members leave.
It is best practice to utilize Group sharing when working with shared assets.
Requirements
Administrator or higher for Okta
Administrator in Code Ocean
Creating a Custom Application
Navigate to Okta using the the URL provided to you in your activation email for example https://dev-12345678-admin.okta.com
Sign in with your username/email address and Password
Click Applications from the main and sub menu
Code Ocean is not included in the App Catalog, an App Integration must be created
Configuring Provisioning
Click Create App Integration
2. Select the Sign in method
3. Enter the General App Setting information and click Finish.
4. Select and click on the SCIM protocol, to synch the application to the Code Ocean platform
5. Click Provisioning
6. Click Integration
7. To integrate the API click Edit
8. in Unique identifier field for users enter "email"
9. Choose Http Header in Authentication Method
10. To enable the API Integration you need to obtain the credentials from Code Ocean
Code Ocean Credentials
Sign into your Code Ocean platform
Click Admin
Click Integrations
Scroll down to SCIM
Click Copy to clipboard to copy the URL and paste it in Base URL in Okta
Click Generate new token and paste in to Authorization in Okta
8. Click Test API Credentials
9. A confirmation message appears when the SCIM is successfully verified
10. Click Save
Assigning Users and Groups
Set Up User Provisioning
To assign groups, synch individuals into a group and synch the group's name to the system:
Click the Assignments tab
To assign individuals to a group
Click Assign
Click Assign to Groups
4. To assign users to a group click the name of the group
5. Click Assign People
6. Add or Remove members to or from the group by selecting the member, then click + or -
7. Click Save
8. To assign the group to the server select the Push Groups tab
9. Click Push Groups will synch the Group in Code Ocean
10. Click Find groups by name
11. Enter the name of the group
12. Click Close
To view the group in Code ocean navigate to the capsule, click Share, in Set Permissions for capsule click the dropdown, the group will show in the list. Any changes made to the group will synch back to Okta when saved.
Last updated