Okta User Provisioning Into WordPress Using SCIM Standard

Okta User Provisioning Into WordPress Using SCIM Standard


WordPress (WP) SCIM plugin gives you the ability to automate user creation, update and delete process from existing IdP (Identity Provider) to your Wordpress (WP) site. SCIM is an open standard for securely Syncing / synchronizing user information between multiple applications. Here we will go through a step-by-step guide to enable SCIM user sync between WordPress site and Okta SCIM as Identity Provider.

Features

miniorange img The following provisioning features are supported:

  • Push New Users : New users created through OKTA will also be created in the third party application.
  • Push Profile Updates (Premium Feature): Updates made to the user's profile through OKTA will be pushed to the third party application
  • Push User Deactivation (Premium Feature): Deactivating the user or disabling the user's access to the application through OKTA will deactivate/delete the user in the third party application.
  • Note: For this application, deactivating/delete a user will depend on the miniOrange SCIM user provisioning add-on.

  • Reactivate Users (Premium Feature): User accounts can be reactivated in the application.
  • Note: For the Reactivating the user it is required to select the Deactivation mode in the SCIM user provisioning add-on.

  • Import Users (Premium Feature): Users can import active users from WordPress to Okta.

miniorange img Future Enhancements in the Plugin:

  • Import Groups
  • Sync password
  • Enhanced group push

Pre-requisites : Download And Installation

To configure Okta as SAML IdP with WordPress, you will need to install the miniOrange WP SAML SP SSO plugin:

SCIM User Provisioning plugin, Create, Update, delete users from Azure AD, Okta, OneLogin, G-suite, Centrify, JumpCloud, Idaptive, Gluu, WS02 and all SCIM …

 Tested with 5.8.2

To get the premium plugin, please contact us at samlsupport@xecurify.com

Follow the steps below for configuring Okta SCIM user provisioning in WordPress (WP)

Step 1: Configure Okta SCIM user provisioning in WordPress (WP)

  • Install the premium plugin and login using your miniOrange credentials.
  • You would require a license key to activate the plugin. (Note :- In case you already have the paid version of the miniOrange SAML 2.0 SSO plugin you won’t require a to login or license key).
  • You can find the SCIM Base URL and Bearer token in the SCIM configuration tab of the plugin.
  • Scim User Provisioning - SCIM Configuration tab
  • Select Okta from dropdown and save.
  • Advance Features of the SCIM User provisioning add-on
    • You can select the deprovisioning mode in the SCIM configuration tab of the SCIM User Provisioning plugin.
    • To Enable the Attribute mapping. Navigate to the SCIM configuration tab of the plugin and Enable the option "Show User Attribute when a user is created."
    • Once this option is selected you can navigate to the Attribute mapping tab of the plugin and Provision a test user (This must not exist in the WordPress) to check the attributes sent by Okta.
    • Once a new user is created you can select the User’s attributes to be mapped from the dropdown besides the attribute field.

Step 2: Configure Okta for SCIM provisioning

  • Go to OKTA portal and login to your account.
  • Navigate to Admin Portal > Applications.
  • Click on Add Application and search for "WordPress SSO with SCIM Provisioning".
  • Scim User Provisioning - Add new application
  • Add the WordPress SSO with SCIM Provisioning application.
  • Scim User Provisioning - Add App
  • Click on Done to configure the application further.
  • Scim User Provisioning - General setting
  • Navigate to the Provisioning menu of the application and Click on the Configure API Integration button.
  • Scim User Provisioning - Configure API Integration
  • Enable on Enable API Integration and enter the SCIM base URL in Base URL field and SCIM Bearer Token in API token field from the SCIM Configuration tab of the SCIM user provisioning plugin.
  • Scim User Provisioning - Enable API Integration
  • Click on Test API Credentials; if successful, a verification message appears at the top of the screen.
  • Click on Save.
  • Select To App in the left panel, then select the Provisioning Features you want to enable by clicking on Edit.
  • Scim User Provisioning - Provisioning to App
  • Click on Save
  • You can now assign people to the app (if needed) and finish the application setup.

Step 3: Import WordPress Users to Okta (optional).

  • If you want to push the WordPress user to Okta then you can follow the steps below. Otherwise you can Skip this section.
    • Navigate to the provisioning section of the Okta app.
    • Select To Okta in the left panel, then select the Import feature.
      • Schedule import :- Choose an interval from the dropdown. Okta will check the list users to import users from WordPress.
      • Okta username format :- Select “Email address”.
  • User Creation and & Matching
    • You can refer to the screenshot below to check default options.
    • Scim User Provisioning - User Creation & Matching

Schema Discovery

  • miniOrange SCIM user provisioning plugin doesn’t support Schema Discovery.

Troubleshooting Tips

  • Note: WordPress doesn't allow to change userName of a user. You can change the email but not the username.

Additional Resource

Other Supported IDPs


If you are looking for anything which you cannot find, please drop us an email on samlsupport@xecurify.com

Why Our Customers choose miniOrange WordPress Single Sign-On (SSO) Solutions?


24/7 Support

miniOrange provides 24/7 support for all the Secure Identity Solutions. We ensure high quality support to meet your satisfaction.

Sign Up

Customer Reviews

See for yourself what our customers say about us.
 

Reviews

Extensive Video Guides

Easy and precise step-by-step instructions and videos to help you configure within minutes.

Watch Demo


We offer Secure Identity Solutions for Single Sign-On, Two Factor Authentication, Adaptive MFA, Provisioning, and much more. Please contact us at

 +1 978 658 9387 (US) | +91 77966 99612 (India)   samlsupport@xecurify.com

Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com