Using Okta for User Provisioning

Hi, @dandrews We use Okta and found the conversion very simple. Field mapping is pretty easy, We do have a specific additional field that we use for the branch code.

 

@KMallette are you doing this through the API connection?

@dandrews we are using Okta as well, it works with no issues with the standard SAML configuration. We only pass username, email, and first and last name from Okta when creating a user. 

@alekwo @KMallette Do yall have any issues deleting or disabling users? ie, how to disable folks? It sounds like this set up with user provisioning does not allow for that (or at least what my IT team is telling me) 

@dandrews  We just use it for login, and there by account creation. We’re using the SAML 2.0 configuration, not API. I would think that offboarding would work with the API as a separate ‘function’ … you’d need Okta to assign the username when the account gets created so that you can match them up correctly.

@dandrews it’s a one-way street - we only create and update users when they log in, we don’t deactivate users based on their status in Okta.

Ok that’s what I thought which is why I was getting push back for this method. How do you then disable your users? @ale

It depends, for employees we have a separate API-based integration with our HR system.

For customers, we only disable them manually in case we receive a bounced email from them. 

Thank you @alekwo