Setting up Okta SCIM

Who can use this feature

  • Supported on any Enterprise plans with SCIM included in their package
  • Anyone with an org admin role can access and edit SCIM settings

This article shows how to retrieve key pieces of information from Okta to complete the SCIM provisioning process. For the rest of the SCIM setup process, see our article Setting up SCIM provisioning.

In this article:

Before you begin

  • Set up SAML SSO before you begin SCIM provisioning.
  • Collect key data from Writer to share with Okta, as explained here.

Configure SCIM in Okta

Go to the Writer application> General tab in Okta and enable SCIM provisioning:

Go to ProvisioningIntegration and configure SCIM using your details from step 1 of our setup instructions. Writer's custom application uses SAML 2.0 authentication.

We don’t support the following provisioning actions: import new users and profile updates, import groups.

Note: The Push Groups provisioning action is only required when a) you have multiple teams set up in Writer, and b) you want to assign unique Okta groups to different Writer teams.

Configure role attribute in Okta

You can add a custom attribute to assign team member and org admin roles to Writer team members. To get started, visit Provisioning> Go to Profile Editor:

Select Add Attribute to set up the Writer Role attribute and match the field values to the below screenshot. Our external namespace is urn:custom:params:scim:schemas:extension:writer:2.0

You can now use this attribute to assign Writer roles to Okta users and groups 🥳:

The member role equates to a standard Writer team member, while admin makes the use a Writer org admin.

  • Admin will make a user into a Writer org admin
  • Member will make a user into a Writer team member

See more about Writer roles here.

Push users and groups to Writer (optional)

If you have multiple Writer teams, and want to sync specific Okta groups to these different teams, you can link your Okta group to your app group (Writer team).

Go to Push Groups and select the ⚙️ gear icon.

Disable the checkbox for renaming app groups.

Select Refresh App GroupsFind groups by name to link your Okta Group and Writer Team.

Note: Linking Okta Groups and Writer Teams requires your Okta group name and Writer team name to be identical. Once the initial link is complete, you can change the name of the Okta group, if desired.

One last step! Go to Assignments and assign the group to the Writer application. You can also Assign to People instead, if you're provisioning individual users.

Finish the SCIM provisioning process

Return to Setting up SCIM provisioning to complete this process.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Support Contact Support