Yes, if SCIM is configured in your Okta tenant and the user is in scope for the user provisioning app, then Okta will invoke the SCIM API to create the user. If the user's mapped attributes are modified, then Okta will invoke the SCIM API to update the user. If the user is deleted from Okta, then Okta will invoke the SCIM API to delete the user.
Roles and Division are mappable attributes on our SCIM APIs: https://help.mypurecloud.com/articles/scim-and-genesys-cloud-field-mappings/
The specific configuration to leverage those attributes will depend on the data structure within Okta, but the specific requirements of the payloads for our APIs are documented in the link above.
------------------------------
Richard Schott
Genesys - Employees
------------------------------
Original Message:
Sent: 10-04-2021 02:27
From: Carlos Camacho Jimenez
Subject: OKTA Integration for User Management
Thanks for you reply @Richard Schott, that sounds good.
So, if I use SCIM can i create user only in Okta and this user will be create in Genesys Cloud automaticly?
Another question is... can i change roles, division of user trought Okta?
Thanks in advance.
Kind Regards.
------------------------------
Carlos Camacho Jimenez
Evolutio Cloud Enabler S.A.
Original Message:
Sent: 10-01-2021 10:51
From: Richard Schott
Subject: OKTA Integration for User Management
That is correct. SSO and user provisioning are completely separate, but complimentary features. We have a number of customers that use SCIM and SSO in conjunction, configuring their apps so that newly provisioned users will be able to immediately log in to Genesys Cloud, using the same credentials they use to access their other enterprise software.
------------------------------
Richard Schott
Genesys - Employees
Original Message:
Sent: 10-01-2021 05:00
From: Carlos Camacho Jimenez
Subject: OKTA Integration for User Management
Hi @Richard Schott,
I am interested in this matter.
If I understand correctly, to perform the SSO integration with Okta the steps to perform are as follows:
https://help.mypurecloud.com/articles/add-okta-as-a-single-sign-on-provider/
But if you want to perform a User Management from Okta it is necessary to use additionally configure Okta for Genesys Cloud SCIM.
https://help.mypurecloud.com/articles/configure-okta-for-genesys-cloud-scim-identity-management/
Am I right?
They are two completely different issues right?
Thanks in advance.
Regards.
------------------------------
Carlos Camacho Jimenez
Evolutio Cloud Enabler S.A.
Original Message:
Sent: 09-24-2020 08:28
From: Richard Schott
Subject: OKTA Integration for User Management
Generally, a Genesys Cloud account does not need configuration in order to leverage the SCIM APIs for user provisioning. There does need to be an Oauth client created that can generate authorization tokens with the correct permissions to execute the API calls (the permissions required are contained within the SCIM Integration role, and generally consist of the ability to add/edit/remove users, groups, roles, etc.; the specific permissions required for each SCIM API route are documented on the route in the developer center: https://developer.mypurecloud.com/api/rest/v2/scim/index.html).
In terms of specific configurations for Okta, you'll need to consult Okta's documentation on the matter. While we do intend to release an app with Okta through the Okta Integration Network (https://www.okta.com/integrations/), that work has not yet been completed. At that point we might be able to provide more specific guidance on usage of the app we've developed, but when using Okta's own configuration options they would continue to be the best resource.
------------------------------
Richard Schott
Genesys - Employees
Original Message:
Sent: 09-23-2020 16:29
From: Matthew Rauenzahn
Subject: OKTA Integration for User Management
What account type/configuration in Genesys would be needed for advanced SCIM provisioning in OKTA to setup and manage Genesys Cloud accounts?
Has anyone had success with this?
#SystemAdministration
------------------------------
Matthew Rauenzahn
Product Owner - Vanguard
------------------------------