User account provisioning is an identity management process that ensures user accounts are created, granted proper permissions, modified, disabled, and deleted as needed. If your organization utilizes Okta for identity management, you can automate user synchronization with the Cyolo platform.
The integration between Okta and Cyolo, which enables this automated provisioning, is based on the widely adopted SCIM 2.0 (System for Cross-domain Identity Management) protocol.
SCIM allows administrators to automatically provision user information from Okta into Cyolo and map user attributes to the corresponding attributes in Cyolo, ensuring that user information is synchronized between both platforms.
The following guide is dedicated to assisting you in configuring both Cyolo and Okta, enabling you to successfully set up provisioning for your company.
Cyolo supports the following provisioning features:
- Create users - users in Okta that are assigned to the Cyolo application are automatically added to Cyolo.
- Update user attributes - changes in Okta are automatically updated in Cyolo.
- Deactivate users - removal or deactivation of users in Okta disable the users in Cyolo.
A SAML-based Okta IdP is configured in Cyolo.
Configuration in Cyolo
In the Cyolo Admin Console main menu navigate to Integration > Identity Providers.
Edit the Okta IdP.
In the Identify Provider Information section, enable Auto-provisioning and click on the Save button. The system automatically triggers the necessary SCIM key credentials. You need the Key and Secret values to configure the app in Okta.
Configuration in Okta
Log into Okta, and under the Application tab, find the Cyolo application.
Navigate to the Provisioning tab and in the “To App” section, enable the create users, update user attributes, and de-activate users, as noted in the screenshot below.
In the Integration section select the Provisioning tab. Modify the SCIM URL field to include your Cyolo tenant name. Paste the token Key into the Username field, and the token Secret into the password field, as shown below:
Click the Test API Credentials button. If the test was performed successfully, the screenshot will display “SCIM 2.0 Test App (Basic Auth) was verified successfully!”.
Click the Save button.
Navigate to the Assignments tab to assign users to the app.