Skip to main content

Configuring SCIM in Okta

Enabling SCIM in Okta

To configure SCIM in Okta:

  1. Login in to your Okta account.

  2. In the Left navigation, browse to Applications > Applications.

  3. From the list of applications, find the one configured with SSO for data.world and click it to open its configuration page.

    SCIM_OKTA_01.png

  4. The application details page opens. On the General tab, in the App Settings section, click the Edit button. Enable the Provisioning > SCIM option. Click Save.

    SCIM_OKTA_02.png

  5. Next, go the Provisioning tab and in the Integration section, click the Edit button and set the following SCIM connection details.

    1. SCIM connector base URL: Set the URL as https://api.data.world/v2/scim

    2. Unique identifier field for users: Set the value as userName.

    3. Supported provisioning actions: Select Push new users, Push profile updates, Push groups.

    4. Authentication mode: Set the value to HTTP Header.

    5. Authorization: Provide the service token you copied from data.world.

    6. Click Test connector configuration to make the connection is setup correctly.

    7. Click Save.

      SCIM_OKTA_03.png

  6. Once you save the configuration, the Provisioning tab refreshes and a new To App section appears in the left navigation. Click the Edit button to select the following two options. Click Save.

    1. Create users

    2. Update user attributes

      SCIM_OKTA_04.png

Provisioning user groups in Okta

Groups in Okta serve the function of managing access to various resources. When setting up these groups, it is important to organize users based on similar access requirements. Once the groups are established and synced with data.world, they are transformed into Teams within data.world. You can subsequently assign these Teams to specific catalog organizations, allowing you to control their access to data.world resources efficiently.

To provision user groups in Okta:

  1. On the application details page, go tp the Assignments tab, Groups section. Provision the user groups that should have access to data.world.

    SCIM_OKTA_06.png

  2. Next, go to Push Groups tab. In the toolbar, select Push groups > Push group by name option. Push the users you provisioned in the previous step.

    This creates the teams in data.world. You can next go to data.world and add these teams to organizations and set up their permissions in data.world.

    SCIM_OKTA_07.png

  3. After users have been successfully provisioned for the first time after enabling SCIM, enable the Deactivate users option.

    In the Provisioning tab go to the To App section. Click the Edit button and select the Deactivate users option. Click Save.

    SCIM_OKTA_05.png
In this section: