Configuring SCIM in Active Directory

Learn about Verta SCIM provisioning here.

Creating an Enterprise Application

  • Click on "Enterprise Applications"

  • Create a "New application"

  • Click on "Create your own application"

  • Name your application

  • Select the option to "integrate any other application..." and then click "Create"

  • Wait a few moments for the app to be generated

Assigning Groups and Users

Assign groups to the application. These groups will define both which users will be synced to the Verta instance, but also which groups will become teams/organizations in the Verta instance.

  • From the new app's main dashboard, click on "assign users and groups"

  • Click "Add user/group"

  • Click on the link to select users and groups

  • Select at least one group

  • Click "assign"

Setting Up Provisioning

  • Click on the "Provisioning" tab on the left sidebar of the application

  • Click "Get started"

  • Choose "Automatic" as the provisioning mode

  • Enter the information about your Verta instance

The URL should be of the form described at the beginning of these instructions: https://[your_base_verta_url]i/api/auth/scim/v2/ The "secret token" should be the token defined in your configuration under authService.okta_scim.auth_token.

  • When the information has been entered, click "Test connection" and confirm that the test succeeds.

  • Add mappings. The default mappings for Groups is sufficient, so the only mappings you need to update are for Users.

  • Remove attribute mappings until only the following remain: userName, active, displayName, name.formatted

  • Click "Save" and confirm saving your changes.

  • You can now start provisioning

  • AD generally runs the provisioning cycle every 40 minutes. However, you can test provisioning users on-demand by choosing “Provision on-demand”. As of the time of this writing, it is not an option for groups in Azure Active Directory.

Last updated