(Archive) Provisioning setup - Okta (SCIM)

Follow

Splashtop now supports users/groups provisioning from your identity provider. It is SCIM provisioning the method Splashtop supports, please follow the below steps to set up. 

We are still submitting the provisioning pre-configured app with Okta and waiting for approval. You will need to manually create an SSO supported app to configure provisioning at this moment.

Create an app with Splashtop SAML supported on Okta

  • Instruction: Link

    (Note: Please skip this step and go to next one if you already have one.)

Configure Provisioning - Create an SCIM app

  1. On Okta console, go to Applications to Add Application. Search SCIM then select the SCIM 2.0 Test App (OAuth Bearer Token)
    Snag_2465a0ae.png
  2. When at step 2 Sign-On Options during adding the app, configure as below:
    - Default Relay State: If you would like to set up IdP-initiate. The Default Relay State is okta-login.
    - Application username format: Select Email.
    Snag_6b448e5.png
  3. After the app created, go to Provisioning to click Configure API Integration.
    Snag_246c69be.png
  4. Check Enable API integration, insert below info:
    SCIM 2.0 Base Url: https://my.splashtop.com/scim/v1
    OAuth Bearer Token: How to find my Secret token 
    Snag_246e3d26.pngClick Test API Credentials, you will get a succesful result if configured correctly.
    Snag_246fc666.png

  5. After setting up Url and Token (step 4), click Edit then enable Create Users, Update User Attributes and Deactivate Users. Leave Sycn Password disabled. Then Save.
    Snag_249abdab.png

    Snag_249a9e0d.png

Configure Provisioning - Create a customized attribute

  1. In the created SCIM app, go to Provisioning tab, click Go to Profile Editor.
    Snag_24cdade3.png
  2. In Profile Editor, click Add Attribute.
    Snag_24c142b0.png
    Insert below info to create a customized attribute.
    Data type: string
    Display name: ssoName
    Variable name: ssoName
    External name: ssoName
    External namespace: urn:ietf:params:scim:schemas:core:2.0:User
    Attribute Required: Check Yes
    Scope: Check User personal
    Then save.
    Snag_2aa25f48.png

Configure Provisioning - Create a Mapping

  1. Also in the Profile Editor. Click Mappings.
    Snag_24d65037.png
  2. Go to the right block (Okta User to "your SCIM app name"), then scroll down to find ssoName, insert the SSO method name created on my.splashtop.com / my.splashtop.eu. Pleaser insert with the format "sso method name". Then click Save Mappings.
    Snag_24dad5a0.png

Start provisioing - Assign users/groups to the application and Push Groups

  • Provision users: Go to Assignments tab, click Assign to Assign to People or Assign to Groups.
    This will provision users and users in the group.
    Snag_259ae848.png
  • Provision groups:
    - Go to Assignments tab, click Assign to Assign to Groups, then assign the groups you would like to push.
    - Go to Push Groups tab, click +Push Groups button to add the group you would like to provision.
    After configuring both the groups will be provisioned.
    Snag_259afa1a.png
0 out of 0 found this helpful