Configuring SCIM in Okta

Learn about Verta SCIM provisioning here.

Creating a SCIM Integration

  • Click on “Applications” -> “Applications” on the left panel - link
  • Click on “Create app integration” - link
  • Select “SWA - Secure Web Authentication” - link
  • Give your app a name. Make sure to check “This is an internal application that we created”
  • Use the defaults for the next section (“How will your users sign in?”)
  • From the main page, go to the “General” tab, edit the settings, and enable “SCIM” under Provisioning
  • You should now see a “Provisioning” tab - navigate to that page
  • Click “edit” and fill in the information:
The URL should be of the form described at the beginning of these instructions: https://[your_base_verta_url]i/api/auth/scim/v2/
Unique identifier should be “email” (if you enter something different, this will cause your users to not sync in a very confusing way without a good error message to understand.)
Choose the “push” operations as supported
Authentication mode should be “HTTP Header” and should use a Bearer token. The token should be the token defined in your configuration under authService.okta_scim.auth_token
  • Test your connection and, assuming it works, save the changes.
  • From the main app page, click “edit” and select all the options except “sync password”, and save your changes.
  • Make sure you have users assigned to your application.
From the “Assignments” tab of the app, click on “Assign” -> “Assign to Groups” Choose a group/groups to assign
Click on “Done”
You should be redirected to the Assignments screen, showing your newly assigned groups
Your users should now start syncing!
  • Push groups: You can push groups to Verta via the “Push Groups’ tab