Skip to main content

Set up Guide: Okta SCIM

Step 1: Create Okta Application

Select "Browse App Catalog" in your Okta Applications page.

Next, search for "SCIM 2.0 Test App (Oauth Bearer Token)" and select the corresponding result.

On the following page, click "Add Integration".

Give your application a descriptive name such as Ten Thousand Coffees and click Next.

Many applications will work with the default configuration that is set on your new application. If you require any additional configuration for your directory such as configuring Attribute Statements, do so on the Sign-On Options page. Click "Done" to complete creating your application.

Step 2: Configure Okta API Integration

Inside your Enterprise Okta Admin Panel, click on the "Provisioning" tab. Then, click "Configure API Integration".

Check "Enable API Integration".

Copy and paste the endpoint into the SCIM 2.0 Base Url field. This will be provided to you by Ten Thousand Coffees via a unique setup link.

Copy and paste the Bearer Token into the OAuth Bearer Token field. This will be provided to you by Ten Thousand Coffees via a unique setup link.

Click "Test API Credentials" and then click "Save".

Step 3: Configure Provisioning Actions

In the "To App" navigation section, click "Edit" and then check to enable the following actions:

  • Create Users

  • Update User Attributes

  • Deactivate Users

Step 4: Add and map user profile attributes

Start with the required fields, then add recommended fields based on what’s available in your organization’s HRIS system. Each additional field improves matching quality and capabilities.

Follow this guide from Okta on adding user profile attributes. And this guide to map user attributes.

Required

Field Name

Example

Notes

First name

Jane

Last name

Doe

Email

[email protected]

Management Level

This is mapped to the Role segment

Director

Maps to “Role” segment. Example values: Student, Intern, Analyst, Associate, Individual Contributor, Manager, Sr. Manager, Director, Sr. Director, VP, SVP, Executive

Recommended

Field Name

Example

Notes

Job title

Solutions Engineer

Business unit

Consulting

Job function

Engineering

People manager status

Yes

Use only “yes” or “no”

Manager email

To exclude members from matching with managers

[email protected]

Optional

Field Name

Example

Notes

City, Country, or Office

For matching across geographies

Atlanta

Locale

Include this field to specify which members require other languages. English is the default language.

en-US

Use only: en-US, fr-CA, es-ES, ko, ja

Status

To deactivate and reactivate profiles for employees that go on leave and come back

active

Use only: active, inactive

Step 5: Assign People & Groups to Okta Application

On the "Assignments" tab of your Okta Application click the "Assign" button and select "Assign to People".

Find the users that you wish to assign and click the "Assign" button next to them.

To complete assigning the users, click "Save and Go Back".

Step 6: Push Groups

On the "Push Groups" tab of your Okta Application click the "Push Groups" button and select "Find groups by name".

Search for the group that you wish to push, select it and click "Save" to push your group to Ten Thousand Coffees.

7: Test the SCIM Connection

Ten Thousand Coffees will share testing steps to you via email.




Related Articles
Set up Guide: Entra ID SAML
Set up Guide: Okta SAML
Set up Guide: 10KC SCIM v2.0 Integration
Set up Guide: Entra ID SCIM
Set up Guide: Workday Integration
Did this answer your question?