Provisioning with SCIM v2


#1

Hello,
I plan to make our user’s REST API compatible with the SCIM v2 specification.
I read you provide an agent to connect okta with on-premise application. Is that really mandatory ? I didn’t find out how to configure okta without it.
If yes I see it’s only compatible SCIM v1. Am I right ?

Thanks a lot for you help
Jeremy


#2

Hi kapitDev,

The On-Premise Agent is not mandatory and you can develop SCIM v2 interfaces with Okta :smiley:
I believe this can help you: https://developer.okta.com/standards/SCIM/#appendix-using-the-example-scim-server

Thanks,
Frederico


#3

Hi and thanks for your response frederico.hakamine!
I was pretty sure it’s possible but I can’t find the way to configure my scim2 baseUrl without using the agent.
Okta always ask me to install the agent … You may know the way to configure that?

Jeremy


#4

If I got this right, you want to configure a SCIMv2 app in Okta without using the agent. If so, you can try this:
https://developer.okta.com/standards/SCIM/#testing-your-scim-server-with-okta


#5

Thanks again frederico.hakamine for your response.
I was able to validate my API with this test application but when I try to create an brand new application in Okta and try to configure it the same way ( Provisioning with SCIM 2.0 ) … I always fall on the provisioning page that ask me to configure okta’s agent.
I must miss something … or maybe it’s not available in dev version?


#6

Hi @jerem. Try to create your app as follows:

  1. In Okta Admin console, Click Applications > Add Application.
  2. In the Search bar, search for SCIM and get the SCIM app template that works best for You (for example, you can use "SCIM 2.0 Test App (Basic Auth)
  3. Click Next.
  4. Click Done.
  5. Click the Provisioning tab, click Enable APIs, enter the URL/Credentials for your App, and click Test Connection.

#7

Thanx @frederico.hakamine. That’s what I did and it works well.
I was just wondering if this was the solution for production?
I see it ask me to publish it for review to be able to publish it in the OAN but my application is not a cloud-one. I don’t need to publish it.
And why this type of provisioning configuration is not enable when I create a new okta application?


#8

Hi @jerem,

Thanx @frederico.hakamine. That’s what I did and it works well.

Awesome! Good to know you got things going. Hope you’re having fun :slight_smile:

I was just wondering if this was the solution for production?
I see it ask me to publish it for review to be able to publish it in the OAN but my application is not a cloud-one. I don’t need to publish it.
And why this type of provisioning configuration is not enable when I create a new okta application?

Okta is still working on having the SCIM as an option to turn on on any custom SSO app. Stay tuned :slight_smile:

Meanwhile, my suggestion for you is to:

  1. finish your Development and Configuration.
  2. After you’re done, ask support to merge your SCIM configuration to your SSO App (just follow the directions from here: https://support.okta.com/help/open_case).