All Collections
Integrations
SSO and SCIM
Okta Integration Guide (SCIM)
Okta Integration Guide (SCIM)

How to configure Fellow Okta integration for users provisioning using SCIM protocol

Dev Team avatar
Written by Dev Team
Updated this week

This guide contains the following sections:

  1. Supported Features

    • Create Users. New users created in Okta will be automatically synced and created in Fellow

    • Update User Attributes. Changes in Okta users profiles, assigned to an application, will be synced to Fellow

    • Deactivate Users. Deactivation of users in Okta will result in unable them to log in plus marking as "disabled" in Fellow

    • Reactivate Users. Users, reactivated in Okta, will be able to log in into Fellow again and be marked as "enabled"

    • Group Push. Groups created in Okta can be pushed into Fellow as Teams

  2. Requirements

    You need to have a Fellow account with an Enterprise plan to use this feature, and it must be enabled by a team including a Fellow admin and an OKTA admin (or your IT team)

  3. Step-by-Step Configuration Instructions

    1. Enable the integration in Fellow

      1. From a workspace administrator account, navigate to the Account Integrations section in Workspace Settings, and then to the SCIM2 card.

      2. Click the Connect button on the top right corner of the page

      3. You will then see this form:

      4. Then press Regenerate SCIM token, confirm an action:

      5. After, copy your SCIM token, save it temporarily in a safe place, it is required for the next step

    2. Configuring SCIM params in Okta

      1. Log in to your Okta account, and navigate to Applications (URL: https://<your_workspace>.okta.com/admin/apps/active)

      2. If you have already set up OIDC, navigate to the application and select the “Provisioning” tab. If not, click Browse App Catalog, search for "Fellow.app", and click the Add button.

      3. You will reach the integration configuration form Add Fellow.app, where you need to specify your Fellow subdomain

      4. Click the Provisioning tab, check the Enable API integration checkbox, and paste the API key from Fellow into the form:

      5. After a successful test (using the Test API Credentials button), press Save

      6. Select To App tab, click Edit

        Check all 3 checkboxes (Create users, Update User Attributes, Deactivate Users) then press Save

      7. The last step - navigate into Sign On tab, press "Edit" settings

        Select Email for the Application username format field. Then press Save

      8. Now you’re all set! You can assign users to an app, and manage them with Okta.

  4. Troubleshooting and Tips

    Please note, that we don’t support username/email updates. If you going to switch from one domain to another, or move / merge users, please contact support.

    The support team could be contacted through Intercom or email (support@fellow.app) and always happy to help you.

Related Articles:

Did this answer your question?