Code Ocean VPC Administration Guide
v2.20
v2.20
  • Code Ocean VPC Administration Guide
  • Overview
    • System Overview
    • System Capacity and Sizing
  • Installation Guide
    • Prerequisites
    • CloudFormation Deployment
    • Deployment Parameters
    • Deployed IAM Resources
    • Subdomain Delegation
    • Create an Admin Account
    • Upgrade Code Ocean
    • Remove Code Ocean
    • Least privileged deployment IAM role
  • Management Guide
    • User Management
      • Admin Signup
      • Adding/Removing an Administrator
      • Inviting New Users
      • Generating a Reset Password Link
      • Deactivate User
    • Set up a User Banner Message
    • Enable Git Integration
    • Starter Environments
      • Deploy Base Image
      • Image Actions
      • Deploying Private Docker Base Images
    • Authentication
    • SCIM Provisioning using Azure Active Directory
    • SCIM Provisioning using Okta
    • ACM Certificate Renewal
    • Deleting Released Capsules
    • Assumable Roles
    • Backup and restore
  • Troubleshooting Guide
    • Collecting Logs with the Support Bundle
    • Searching Logs in AWS CloudWatch
    • Alarms
Powered by GitBook
On this page
  • Requirements
  • Creating a Custom Application
  • Configuring Provisioning
  • Code Ocean Credentials
  • Assigning Users and Groups
  • Set Up User Provisioning

Was this helpful?

  1. Management Guide

SCIM Provisioning using Okta

Learn how to provision SCIM using Okta

The System for Cross-domain Identity Management (SCIM) user management API enables automatic provisioning of users between the Code Ocean platform and Okta.

Setting up Groups is the best way to ensure that new users will have all relevant Capsules, Data, and Pipelines available to them when they join, and that there will be no lost assets when team members leave.

It is best practice to utilize Group sharing when working with shared assets.

Requirements

  • Administrator or higher for Okta

  • Administrator in Code Ocean

Creating a Custom Application

  1. Navigate to Okta using the the URL provided to you in your activation email for example https://dev-12345678-admin.okta.com

  2. Sign in with your username/email address and Password

  3. Click Applications from the main and sub menu

  4. Code Ocean is not included in the App Catalog, an App Integration must be created

Configuring Provisioning

  1. Click Create App Integration

2. Select the Sign in method

3. Enter the General App Setting information and click Finish.

4. Select and click on the SCIM protocol, to synch the application to the Code Ocean platform

5. Click Provisioning

6. Click Integration

7. To integrate the API click Edit

8. in Unique identifier field for users enter "email"

9. Choose Http Header in Authentication Method

10. To enable the API Integration you need to obtain the credentials from Code Ocean

Code Ocean Credentials

  1. Sign into your Code Ocean platform

  2. Click Admin

  3. Click Integrations

  4. Scroll down to SCIM

  5. Click Copy to clipboard to copy the URL and paste it in Base URL in Okta

  6. Click Generate new token and paste in to Authorization in Okta

8. Click Test API Credentials

9. A confirmation message appears when the SCIM is successfully verified

10. Click Save

Assigning Users and Groups

Set Up User Provisioning

To assign groups, synch individuals into a group and synch the group's name to the system:

  1. Click the Assignments tab

    To assign individuals to a group

  2. Click Assign

  3. Click Assign to Groups

4. To assign users to a group click the name of the group

5. Click Assign People

6. Add or Remove members to or from the group by selecting the member, then click + or -

7. Click Save

8. To assign the group to the server select the Push Groups tab

9. Click Push Groups will synch the Group in Code Ocean

10**.** Click Find groups by name

11. Enter the name of the group

12. Click Close

To view the group in Code ocean navigate to the capsule, click Share, in Set Permissions for capsule click the dropdown, the group will show in the list. Any changes made to the group will synch back to Okta when saved.

PreviousSCIM Provisioning using Azure Active DirectoryNextACM Certificate Renewal

Last updated 1 year ago

Was this helpful?