OKTA integration SCIM
This integration with Okta is currently under development and is not available to customers yet. Contact support@frontapp.com to learn more.

Features

The Okta SCIM integrations provides fine control for your Okta users in Front.
You can: 
  • Automatically create users in Front
  • Automatically block users when the Okta profile is suspended.
  • Automatically map a new user to a Front template, based on Okta roles.

Requirements


  • You must be an admin to your Front account.
  • Please contact Front to get access to the SCIM feature if you do not have it.
  • If you want to use template, you must have templates available in your plan. Entreprise plans have this by default.

Step by step configuration instructions


1) Enable SAML in Front settings


An API key is necessary for Okta and Front to communicate. This API key can be configured in your Front settings:
  • Go to your settings. (See #1)
  • Go on the menu “Plugins & API” and then, in the API menu. (See #2)
  • Create a new token with “auto provisioning” scope (see #3)
  • You can get your token value when you click on your token name (See #4)
  • Use this token in the Okta configuration to enable SCIM provisioning.




2) Configure provisioning in Okta

We need to configure provisioning in Okta in order to start create/block users in Front.. 

Enabling the provisioning tab of the application (See #1)
  • Click on integration
  • Enable the API integration
  • OAuth Bearer token: <The token you created in Front, and copied>
  • That’s it!



3) (Optional) Provisioning with templates


If you want to automatically create your teammates using a specific Front Teammate template, it requires a little more configuration.

Creating a Front template:
  • In the settings go to Teammates > Teammate templates and click on "Add a template (see #1).
  • Choose a name for your template and click on the Save button (see #3).