Setting up OKTA SCIM

What's in this article:

Features

The following provisioning features are supported by Writer:

  • Push Users. Users in Okta that are assigned to the Writer application in Okta are automatically added as members to your organization in Writer.
  • Import Users. Users created in Writer can be imported into Okta and either matched against existing Okta users or created as new Okta users.
  • Import Groups. Import Teams from Writer as Groups in Okta. Note: Okta does not allow you to manage memberships of these imported groups.
  • Push Groups. Groups and their members in Okta can be pushed to Writer (as Writer teams and team members).

Presently, Writer does not support the following Okta provisioning features, but may in the future:

  • Update user attributes
  • Deactivate/reactivate users
  • Remove users*
  • Sync password
  • Enhanced group push

*Removing users (as opposed to deactivating them) is supported by Writer, but not by Okta. We don't remove users from teams that aren't linked to OKTA; therefore, each provisioned user will also have access to the default team from the SAML configuration.

Requirements

  • Set up SAML with the Writer OKTA SAML App
  • OKTA SCIM user provisioning
  • Writer Enterprise subscription plan that includes SCIM (If your subscription has SCIM, it'll be listed in the order form in your services agreement.)

Step-by-step configuration instructions

1. Enable group push integration action:

SCIM Base URL: https://app.writer.com/api/scim/v2

Go to the group push settings. Writer does support group push functionality from Okta, but we don't support group (team) creation/deletion on Writer side, only linking of existing groups.

Disable rename app groups checkbox (to be able to link an OKTA group to a Writer team with different name):

Refresh app groups and add group to push:

Link OKTA group to Writer group (team):

Assign linked group to Writer app:

2. Push custom user role for OKTA SCIM

Go to provisioning to app settings:

Go to profile editor:

Click to add new attribute:

Add Writer role attribute (namespace urn:custom:params:scim:schemas:extension:writer:2.0:User ):

Fill group assignment to Writer app with required user role:

Trigger group push to update roles for existing users in Writer:

Troubleshooting

If you have questions or difficulties with your Writer/Okta SCIM integration, please contact support@writer.com.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Support Contact Support