Okta SCIM
Learn how to configure SCIM provisioning with Okta for Infisical.
Okta SCIM provisioning is a paid feature.
If you’re using Infisical Cloud, then it is available under the Enterprise Tier. If you’re self-hosting Infisical, then you should contact [email protected] to purchase an enterprise license to use it.
Prerequisites:
Create a SCIM token in Infisical
In Infisical, head to your Organization Settings > Authentication > SCIM Configuration and press the Enable SCIM provisioning toggle to allow Okta to provision/deprovision users and user groups for your organization.
Next, press Manage SCIM Tokens and then Create to generate a SCIM token for Okta.
Next, copy the SCIM URL and New SCIM Token to use when configuring SCIM in Okta.
Configure SCIM in Okta
In Okta, head to your Application > General > App Settings. Next, select Edit and check the box labled Enable SCIM provisioning.
Next, head to Provisioning > Integration and set the following SCIM connection fields:
- SCIM connector base URL: Input the SCIM URL from Step 1.
- Unique identifier field for users: Input
email
. - Supported provisioning actions: Select Push New Users, Push Profile Updates, and Push Groups.
- Authentication Mode:
HTTP Header
.
Under HTTP Header > Authorization: Bearer, input the New SCIM Token from Step 1.
Next, press Test Connector Configuration to check that SCIM is configured properly.
Next, head to Provisioning > To App and check the boxes labeled Enable for Create Users, Update User Attributes, and Deactivate Users.
Now Okta can provision/deprovision users and user groups to/from your organization in Infisical.
FAQ
Was this page helpful?