SCIM Setup in Okta
Setting up SCIM in the Okta environment.
II. Configure provisioning in Okta
- Enable SCIM provisioning in the general tab of your LeanIX application.
- If previously created, delete and recreate “role” attribute to contain the following external namespace and then Save:
urn:ietf:params:scim:schemas:extension:workspacePermission:2.0:User
- Open the “Provisioning” tab and edit the SCIM Connection with the following information, then hit “Save”
| Field | Value |
|---|---|
| SCIM connector base URL | https://customer-domain.leanix.net/services/mtm/v1/scim/v2 |
| Unique identifier field for users | userName |
| Supported provisioning actions | Import New Users and Profile Updates, Push New Users, Push Profile Updates |
| Authentication Mode | HTTP Header |
| Bearer | Long-lived bearer token previously retrieved |
- Map your attributes
In the “To App” settings, enable the following and Save: Create users, Update user attributes, and Deactivate users
Scroll down to “LeanIX Attribute Mapping." Remove mapping for all attributes except for the following six:
Note: the role property is only relevant for customers with fully-external IDM
Updated 8 days ago