Okta User Sync is an easy-to-use module for Drupal that provides seamless synchronization of user information between Okta and Drupal. It provides a simple and secure way to keep user information in sync, allowing administrators to easily provision users and manage user data with manual, automatic, or scheduler-based provisioning.

If you need help configuring the Drupal Okta User Sync module, our team is here to help. We can answer any questions you have via email at drupalsupport@xecurify.com or arrange an online meeting to help you set up the module. Also, if you'd like to try the module out for yourself, we offer a 7-day trial with full features, so you can get the most out of the module.

Setup Video Okta User Sync and Provisioning

Step to configure User Sync and User Provisioning between Drupal and Okta

This guide provides step by step instructions on how to configure User Sync and User Provisioning between Drupal and Okta (Drupal to Okta synchronization).

1. Let's start with the configuration

• Navigate to the Configuration tab, and click on the miniOrange Okta User Sync link.

• Have a glance at what the module does and click on the Let’s configure the module button.

2. Integrating Drupal with Okta

You will have to configure the values mentioned in the below screenshot from Okta in Drupal.

2.1 Okta Portal URL

• The Okta Portal URL is the base URL for the Org Authorization Server or your Okta Domain. For example, https://${yourOktaDomain} copy URL and paste it into Drupal's Okta Portal URL text field.

2.2 Okta Bearer Token

• The Okta Bearer Token is a key used to authenticate requests.
• To Generate your Okta Bearer Token, log in to your Okta Dashboard with admin credentials.
• From the left panel click on the Security and from the dropdown, click on the API.

• On the API page, navigate to the Tokens tab and then click the Create token button.

• In the Create token popup, enter the name for the token and click the Create token button.

• Copy the generated Token Value and keep a note of it.

• Navigate back to the Drupal site and paste the copied Bearer Token in Drupal’s Okta Bearer Token text field.


2.3 Test Your Configuration

• In the Test Your Configuration ( Enter user email ) field you will have to enter the user’s email id.(Please ensure that a user with the same email is present in your Okta portal).
• Once done with all the configurations, click on the Save and Test Configuration button.

• If the Test Configuration is successful, you will receive a success message like:

• Alternatively, if there is an error in the integration of Okta with Drupal, then you can check the cause of the error by following the link in the error message or scrolling down to the Test Configuration Result section.

• Once the test is successful, click on the Next button.

3. Configure the direction and types of Provisioning

• The module supports bi-directional sync. To sync the users from Drupal to Okta, select Drupal to Okta Synchronization.

• Choose the provisioning method (Manual/Automatic/Scheduler-based) that you want to configure.

• Click on the All done button.

4. Manual Sync

In Manual/On-Demand Provisioning you can manually sync the user with Okta. It also allows the provisioning of a single user as well as all of the existing users at once to the Okta.

Let’s see how you can create and deactivate users in Okta using manual sync.

4.1 Create Users

• Under the Manual Provisioning Configuration, please ensure you have selected the Read User and Create User checkboxes.

• Under the Drupal to Okta Sync tab click on the Sync User Manually button.

• Enter the Drupal username of the user which you want to provision to Okta in the text field and click on the Sync button.

• Navigate to the Okta Portal. Go to the People tab under the Directory You should see the user successfully created in Okta Portal.

4.2 Deactivate User

• Under the Manual Provisioning Configuration, please ensure you have selected Read User and Deactivate User checkboxes.

• Now, go to the People tab to edit the profile of a particular user and deactivate the user on the Drupal site. To deactivate the user select the Blocked radio button.
• Once done,click on the Save button.

• Now, go to the Drupal to Okta Sync tab click on the Sync User Manually button.
• Enter the blocked user’s username in the text field and click on the Sync button to Deactivate the same user on Okta.

• Navigate back to the Okta Portal and check the user should be successfully Deactivated.

5. Automatic Sync

This method allows you to automatically sync users in Okta as soon as a CRUD operation is performed on them on Drupal.

Let's see how the user can be created and deactivated in Okta using automatic provisioning.

5.1 Create User

• Under the Automatic Provisioning Configuration, select the Create user checkbox and click on the Save Settings button.

• Users can be provisioned to Okta in the following ways:

5.1.1 Create the user without credentials

• Using this method, the user is provisioned to the Okta Portal except for the password with a Staged state. The admin has to activate the user and send a password reset link. This allows you to review the provisioned users and keep a quick check.

5.1.2 Create the user with credentials:

• Using this method, the user is provisioned to the Okta Portal along with a Password and a Staged state. Once the admin activates the user, the Okta Portal can be accessed by the user with same password as on the Drupal site. (Please note, the automatic user provisioning will fail in this case if the Drupal user password violates Okta Password policy). This will allow you to ensure a strong and consistent password is maintained across both applications.

In case, you wish to provision the users into Okta in an Active state to overcome the additional step or if you have any other specific use case, feel free to reach out to us at drupalsupport@xecurify.com.

Once you have saved the configurations, let’s see how to create and deactivate users on the fly with automatic user provisioning.

• To create a new user on Drupal go to Drupal’s login page and click on the Create new account tab.
• Enter the details and click on the Create new account button.

• After successfully creating the user in Drupal, go to the People tab under the Directory from Okta. Here you can see, the user has been successfully created.


5.2 Deactivate User

• To deactivate user automatically, please make sure you have enabled the Deactivate User checkbox under the Automatic Provisioning Configuration.

• Now, go to the People tab of the Drupal site and edit the particular user then select the Blocked radio button.

• Click on the Save button.
• Navigate back to the Okta. the user should be successfully Deactivated

Support / Contact Us

• If you have any questions or queries related to the Drupal Okta Sync module, you can reach out to us by clicking on the support icon present in the bottom right corner of the module or you can simply drop an email to drupalsupport@xecurify.com.