Search Results :

×

Setup Drupal Okta User Synchronization

Okta User Provisioning integration with Drupal streamlines user management and ensures up-to-date user information within the system. This step-by-step guide will assist you in configuring user provisioning/sync from the Drupal site to the Okta application. This will allow administrators to easily provision users and manage user data with manual, automatic, or scheduler-based provisioning using the Drupal Okta User Sync module. This module is compatible with Drupal 9, Drupal 10 and Drupaal 11.

  • Download the module:
    composer require 'drupal/okta_user_sync'
  • Navigate to Extend menu on your Drupal admin console and search for miniOrange Okta User Sync using the search box.
  • Enable the module by checking the checkbox and click on Install button.
  • Configure the module at
    {BaseURL}/admin/config/people/okta_user_sync/overview
  • Install the module:
    drush en okta_user_sync
  • Clear the cache:
     drush cr
  • Configure the module at
    {BaseURL}/admin/config/people/okta_user_sync/overview
  • Navigate to Extend menu on your Drupal admin console and click on Install new module button.
  • Install the miniOrange Okta User Sync module either by downloading the zip or from the URL of the package (tar/zip).
  • Click on Enable newly added modules.
  • Enable this module by checking the checkbox and click on Install button.
  • Configure the module at
    {BaseURL}/admin/config/people/okta_user_sync/overview
  • After installing the module on the Drupal site, in the Administration menu, navigate to Configuration → People → miniOrange Okta User Sync. (/admin/config/people/okta_user_sync/overview)
  • Have a glance at what the module does and click on the Let’s Configure the module button.
 drupal Okta user provisioning and sync - click on lets configure module button

  • Configure the values mentioned in the below screenshot from Okta in Drupal.
drupal okta user provisioning and sync - enter the required information from okta application

  • Okta Portal URL: The Okta Portal URL is nothing but the Okta Domain or you can say it is the base URL for the Org Authorization Server of Okta. For example, https://{yourOktaDomain}.okta.com Copy this URL and paste it into Drupal's Okta Portal URL text field.
  • Okta Bearer Token:
    • The Okta Bearer Token is a key used to authenticate requests to Okta APIs When calling an Okta API endpoint, you need to supply a valid API token for the authentication.
    • To generate this API token login to your Okta organization with the admin credentials.
    • In the Admin Console, navigate to the Security → API from the menu.
    drupal okta user provisioning and sync - from the left manu bar click on security and select api
    • On the API page, navigate to the Tokens tab and then click the Create token button.
    drupal okta user provisioning and sync - on api page click on tokens and then select create token
    • Enter the name of your token and click Create Token.
    drupal okta user provisioning and sync - enter the name of token and click on create token button

    • Copy the generated Token Value and keep a note of it as you won't have another chance to view and record it.
    drupal okta user provisioning and sync - then copy the generated token value simply click on clipboard icon

    • Navigate back to the Drupal site and paste the copied Bearer Token in Drupal’s Okta Bearer Token text field.
    drupal okta user provisioning and sync - copied generate token from okta and paste it

    • Test Your Configuration: In the Test Your Configuration ( Enter user email ) field, enter a user’s email ID. (Please ensure that a user with the same email is present in your Okta portal).
  • Once done with all the configurations, click on the Save and Test Configuration button.
drupal okta user provisioning and sync - enter the email

  • If the Test Configuration is successful, you will receive a success message like this:
drupal okta user provisioning and sync - when you click on save and test configuration button you will received success message
  • Alternatively, if there is an error in the integration of Okta with Drupal, then you can check the cause of the error by following the link in the error message or scrolling down to the Test Configuration Result section.
drupal okta user provisioning and sync - if there is receive error message in integration of okta with drupal, then you check possible cause

  • Once the test is successful, click on the Next button.
  • The module supports bi-directional sync. To sync the users from Drupal to Okta, select Drupal to Okta Synchronization.
drupal okta user provisioning and sync - select the drupal to okta sync gif

  • In Step 3, there are three ways to perform the user provisioning (manual, automatic, or schedule-based). To configure the desired method, click the "configure" button within the corresponding method and select the operations that you want to perform(create, delete, deactivate, and update).
drupal okta user provisioning and sync - choose the provisioning type and click on the all done button

  • After configurations, click on the All Done button.

In Manual/On-Demand Provisioning you can manually sync the user with Okta. It also allows the provisioning of a single user as well as all of the existing users at once to Okta.

Configure Manual/On-Demand Provisioning

  • Create Users in Okta:
    • In the Drupal to Okta tab, please ensure you have selected the Read User and Create User checkboxes under the Manual Provisioning Configuration.
    drupal okta user provisioning and sync - enable create user and read user checkboxes
    • Click on the Sync User Manually button.
    drupal okta user provisioning and sync - click on sync user manually button
    • Search for the user you want to provision to the Okta, select the user, and click on the Sync button.
    drupal okta user provisioning and sync - enter the username and click on the Sync
    • To verify if the user is provisioned or not, navigate to the People tab under the Directory and confirm the status of the user.
    drupal okta user provisioning and sync - user is created on okta
    • Deactivate User
      • Under the Manual Provisioning Configuration, please ensure you have selected Read User and Deactivate User checkboxes.
      • To deactivate the user from Okta, the user must be in the blocked state on the Drupal site.
      • To do this, navigate to the People tab, edit the profile of the specific user(/user/{user_id}/edit), and change the user's status to Blocked.
      • Once done, click on the save button.
      • drupal okta user provisioning and sync - block the user1
      • Now, head back to the Drupal to Okta Sync tab and click on the Sync User Manually button.
      • Enter the blocked user’s username in the text field and click on the Sync button to Deactivate the same user on Okta.
      • drupal okta user provisioning and sync - deactivated the user1
      • To confirm whether the user has been deactivated or not, go to the People tab of the Okta and check the user's status.
      • drupal okta user provisioning and sync - user will be successfully deactivated

This type of provisioning allows you to sync users with Okta whenever any CRUD operation(s) is performed on them in Drupal.

Configure Automatic Provisioning

  • Automatic Provisioning will help you provision your users using any of the following events:
    • Admin Interface: When administrators or privileged users manually perform CRUD operations on a user’s account via the Drupal admin interface.
    • User account change: Whenever users themselves perform CRUD operations on their own information form user/{user_id}/edit or any other custom form.
    • 3rd Party Modules: Whenever a user entity is updated/created in the Drupal site using any third-party modules/applications or custom code
    • User Registration: Whenever a user creates a new account in Drupal. (/user/register)

Let's see how the user can be created in Okta using automatic provisioning.

  • Create Users:
    • In the Drupal to Okta tab, please ensure you have selected the Read User and Create User checkboxes under the Automatic Provisioning Configuration.
    • Users can be provisioned to Okta in the following ways:
      • Create the user without credentials: Using this method, the user is provisioned to the Okta Portal except for the password with a Staged state. The admin has to activate the user and send a password reset link. This allows you to review the provisioned users and keep a quick check.
      • Create the user with the Password: Using this method, the user is provisioned to the Okta Portal along with a Password and a Staged state. Once the admin activates the user, the Okta Portal can be accessed by the user with the same password as on the Drupal site. (Please note, the automatic user provisioning will fail in this case if the Drupal user password violates Okta Password policy). This will allow you to ensure a strong and consistent password is maintained across both applications.

      Note: In case, you wish to provision the users into Okta in an Active state to overcome the additional step or if you have any other specific use case, feel free to reach out to us at drupalsupport@xecurify.com.

      • Once Done with the configuration, navigate to Drupal’s login page and click on the Create New Account tab(/user/register).
      • Enter the details and click on the Create New Account button.
      drupal okta user provisioning and sync - ceate user2 in drupal
    • After successfully creating the user in Drupal, go to the People tab under the Directory from Okta. Here you can see, the user has been successfully created
    • drupal okta user provisioning and sync - check the user is created or not
  • Deactivate User:
    • Under the Automatic Provisioning Configuration, please ensure you have selected Read User and Deactivate User checkboxes.
    • To deactivate the user from Okta, the user must be in the blocked state on the Drupal site.
    • To do this, navigate to the People tab, edit the profile of the specific user(/user/{user_id}/edit), and change the user's status to Blocked.
    • Once done, click on the Save button.
    drupal okta user provisioning and sync - block the particular user

    • To confirm whether the user has been deactivated or not, go to the People tab of the Okta and check the user's status.
    drupal okta user provisioning and sync - Check the user is deactivate or not

That’s it!! you have successfully provisioned the users with Okta.

If the Provision was not successful, please contact us at drupalsupport@xecurify.com. Please send the screenshot of the error window, and we will assist you in resolving the issue and guiding you through the setup.


[MO_CONTACT_US]
ADFS_sso ×
Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com