1. Splashtop Business - Support
  2. Account
  3. Single Sign-On (SSO)

Provisioning setup - Okta (SCIM)

Avatar
Support

You will find here the instructions for the Global stack only. If you are under the EU stack, please follow the instructions here: EU Instructions. You can find more information about stacks here.

Features

The following provisioning features are supported by Splashtop/Okta integration.

  • Create users - Users in Okta that are assigned to Splashtop application on Okta will be automatically created to your Splashtop team.
  • Update users - The update of the first/last/display name for users in Okta that are assigned to Splashtop application on Okta will be automatically updated to your Splashtop users on the team.
  • Delete users - When users in Okta are removed from Splashtop application on Okta, the created users on your Splashtop team will be deleted or removed from the team.
  • Push groups - Groups and their members in Okta can be pushed to your Splashtop team (as Splashtop groups and users)

Requirements

Splashtop / Okta provisioning is supported with Splashtop Enterprise

Configuration Steps

Add Splashtop app on Okta console
Follow the link to add the Splashtop application with SAML and provisioning supported: Link.
Configure Provisioning - Enable Provisioning
  1. On the created app, you can find the Provisioning tab, then click Configure API Integration:enable_en-us.png
  2. Check Enable API integration, insert below info:
    OAuth Bearer Token: How to find my Secret token 
    enable2_en-us.png
    Click Test API Credentials, you will get a successful result if configured correctly.
  3. After setting up Url and Token (step 4), click Edit then enable Create UsersUpdate User Attributes and Deactivate Users. Leave Sync Password disabled. Then Save.
    enable3_en-us.png

    enable4_en-us.png
Configure Provisioning - Create a mapping
  1. Also in the Profile Editor. Click Mappings.
    mapping_en-us.png
  2. Go to the right block (Okta User to "your SCIM app name"), then scroll down to find ssoName, insert the SSO method name created on my.splashtop.com / my.splashtop.eu. Please insert with the format "sso method name". Then click Save Mappings.
    mapping2_en-us.png
  3. You can also leave this setting but when Assign users/groups, assign the ssoName:
    mapping3_en-us.png
Start provisioning - Assign users/groups to the application and Push Groups
  1. Provision users: Go to Assignments tab, click Assign to Assign to People or Assign to Groups.
    This will provision users and users in the group.
    assign_en-us.png
  2. Provision groups
    - Go to Assignments tab, click Assign to Assign to Groups, then assign the groups you would like to provision.
    - Go to Push Groups tab, click +Push Groups button to add the group you would like to provision.
    After configuring both the groups will be provisioned.
    assign2_en-us.png

 


Known issues / Troubleshooting

  • Updating username/Email is not supported because it would be your Splashtop account on our system.
  • On a Splashtop team, a user can only be in one group, thus when doing Push Group with members, please make sure there will be no situations that a member is in two groups. Update: Added support for users in more than one group. Make sure to enable users to be associated to more than one user group. Learn more here.
  • Push Now function is not supported at this moment.
  • If you get the following error message when enabling API integration: Error authenticating: Unauthorized. Errors reported by remote server: Token is not valid. You might be on our EU or OC stack and should follow the related article instead of this one.
true
0 out of 1 found this helpful

Articles in this section

See more