Contents x
Set up SCIM for Okta
    • Print
    • Dark
      Light
    Contents

    Set up SCIM for Okta

      • Print
      • Dark
        Light
      Article summary

      This feature is currently in Private Preview.

      For more information about getting started, see Manage B2 Cloud Storage at Scale: Enterprise Web Console.
      For questions after implementation, contact the Product Team.

      These steps provide guidance for adding users and groups of users using SCIM through Okta. 

      Generate an API Token

      1. Sign in to your Backblaze organization.
      2. In the left navigation menu under Access Control, select Org Users.
      3. Select the Identity Provider tab.
      4. Click Import Users.
      5. Click Generate Key.
      6. Copy and save the Base URL.
      7. Copy and save the API Key (API token).

      Configure SCIM in Okta

      1. Sign in to your Okta administrator console.
      2. In the left navigation menu under Applications, select Applications.
      3. Click Browse App Catalog, and search for SCIM 2.0 Test App (Header Auth).
      4. Click Add Integration.
      5. Select the General Settings tab.
        1. Enter an Application label (for example, Backblaze SCIM 2.0).
        2. Click Next.
      6. Select the Sign-On Options tab, and click Done.
      7. Select the Provisioning tab.
        1. Click Configure API Integration.
        2. Select Enable API Integration.
        3. Enter the Base URL and API Token that you copied in the "Generate an API Token" task.
        4. In the Provisioning To App section, click Edit.
          You must complete these steps or a SCIM error is returned when you import a user. 
        5. Enable all of the options.
        6. In the Sync Password field, select Sync Okta Password as the password type.
        7. Click Save.
      8. Click Test API Credentials, and verify that the integration was successful.
      9. Click Save.

      Disable a SCIM Integration in Okta

      1. Sign in to your Okta administrator console.
      2. In the left navigation menu under Applications, select Applications.
      3. In the Integration section under Settings, clear the Enable API Integrations checkbox.

      Assign Users to the SCIM Configuration

      You can import individual users or groups of users, but only individual users appear in the enterprise web console.

      1. Sign in to your Okta administrator console.
      2. In the left navigation menu under Applications, select Applications.
      3. Select the Assignments tab.
      4. In the Assign menu, select Assign to People.
      5. Select a user or group of users, and click Assign.
      6. In the user’s profile, click Save and Go Back.
      7. Repeat this process for additional users.
      8. Click Done.

      The imported users are displayed in the enterprise web console on the Org Users page.

      Deactivate Users from an Organization

      1. Sign in to your Okta administrator console.
      2. In the left navigation menu under Applications, select Applications.
      3. Select the Assignments tab.
      4. Click X next to the individual user or group of users.
      5. Click OK.

      The users are deactivated in the enterprise web console.

      Rotate a SCIM Key

      1. Sign in to your Backblaze organization.
      2. In the left navigation menu under Access Control, select Org Users.
      3. Select the Identity Provider tab.
      4. Click Edit.
      5. Click Generate Key.
      6. Repeat step 7 in the "Configure SCIM for Okta" task.
      7. Click(delete) to remove the old key.
      8. Click OK.
      Was this article helpful?
      Related articles
      What's Next