The following provisioning features are supported by Splashtop/Okta integration.
- Create users - Users in Okta that are assigned to Splashtop application on Okta will be automatically created to your Splashtop team.
- Update users - The update of the first/last/display name for users in Okta that are assigned to Splashtop application on Okta will be automatically updated to your Splashtop users on the team.
- Delete users - When users in Okta are removed from Splashtop application on Okta, the created users on your Splashtop team will be deleted or removed from the team.
- Push groups - Groups and their members in Okta can be pushed to your Splashtop team (as Splashtop groups and users)
Splashtop / Okta provisioning is supported with Splashtop Enterprise, SOS Enterprise and SOS Plus. More details, please contact Sales.
Add Splashtop app on Okta console
- Follow the link to add the Splashtop application with SAML and provisioning supported: Link.
Configure Provisioning - Enable Provisioning
- On the created app, you can find the Provisioning tab, then click Configure API Integration:
- Check Enable API integration, insert below info:
OAuth Bearer Token: How to find my Secret token
Click Test API Credentials, you will get a successful result if configured correctly.
- After setting up Url and Token (step 4), click Edit then enable Create Users, Update User Attributes and Deactivate Users. Leave Sycn Password disabled. Then Save.
Configure Provisioning - Create a mapping
- Also in the Profile Editor. Click Mappings.
- Go to the right block (Okta User to "your SCIM app name"), then scroll down to find ssoName, insert the SSO method name created on my.splashtop.com / my.splashtop.eu. Pleaser insert with the format "sso method name". Then click Save Mappings.
- You can also leave this setting but when Assign users/groups, assign the ssoName:
Start provisioning - Assign users/groups to the application and Push Groups
- Provision users: Go to Assignments tab, click Assign to Assign to People or Assign to Groups.
This will provision users and users in the group.
- Provision groups:
- Go to Assignments tab, click Assign to Assign to Groups, then assign the groups you would like to provision.
- Go to Push Groups tab, click +Push Groups button to add the group you would like to provision.
After configuring both the groups will be provisioned.
Known issues / Troubleshooting
- Updating userName/Email is not supported because it would be your Splashtop account on our system.
- On a Splashtop team, a user can only be in one group, thus when doing Push Group with members, please make sure there will be no situations that a member is in two groups.
- Push Now function is not supported at this moment.
- Add a user to a provisioned Group (under Push Group) is not supported at this time due to Okta's limitation, which means this action will only provision the user to the default group, instead of the provisioned Group.
The workaround is make sure the user has been added to the group when adding the group to Push Group.
For an existing group under Push Group, remove the group from the Splashtop app on Okta, add all the users you would like to assign to the group, then add the group back to Push Group can work the limitation around.