Okta User Provisioning Into WordPress Using SCIM Standard



This guide provides the steps required to configure Provisioning for WordPress using SCIM user provisioning plugin.

Contents

Features

miniorange img The following provisioning features are supported:

  • Push New Users
    • New users created through OKTA will also be created in the third party application.
  • Push Profile Updates Premium Feature
    • Updates made to the user's profile through OKTA will be pushed to the third party application
  • Push User Deactivation Premium Feature
    • Deactivating the user or disabling the user's access to the application through OKTA will deactivate/delete the user in the third party application.
    • Note: For this application, deactivating/delete a user will depend on the miniOrange SCIM user provisioning add-on
  • Reactivate Users Premium Feature
    • User accounts can be reactivated in the application.
    • Note: For the Reactivating the user it is required to select the Deactivation mode in the SCIM user provisioning add-on
  • Import Users Premium Feature
    • Users can import active users from WordPress to Okta.

miniorange img Presently, miniOrange SCIM user provisioning add-on does not support the following Okta provisioning features, but may in the future:

  • Import Groups
  • Sync password
  • Enhanced group push

Requirements

To get the premium plugin, please contact us at samlsupport@xecurify.com


Step-­by-­Step Configuration Instructions


WordPress SCIM user provisioning plugin.

  • Install the premium plugin.
  • Login into the plugin using your miniOrange credentials.
  • You would require a license key to activate the plugin. (Note :- In case you already have the paid version of the miniOrange SAML 2.0 SSO plugin you won’t require a to login or license key. ).
  • You can find the SCIM Base URL and Bearer token in the SCIM configuration tab of the plugin.
  • Scim User Provisioning - SCIM Configuration tab
  • Select Okta from dropdown and save.
  • Advance Features of the SCIM User provisioning add-on
    • You can select the deprovisioning mode in the SCIM configuration tab of the SCIM User Provisioning plugin.
    • To Enable the Attribute mapping. Navigate to the SCIM configuration tab of the plugin and Enable the option "Show User Attribute when a user is created."
    • Once this option is selected you can navigate to the Attribute mapping tab of the plugin and Provision a test user (This must not exist in the WordPress) to check the attributes sent by Okta.
    • Once a new user is created you can select the User’s attributes to be mapped from the dropdown besides the attribute field.

Configuring Okta for SCIM provisioning plugin.

  • Go to OKTA portal and login to your account.
  • Navigate to Admin Portal > Applications.
  • Click on Add Application and search for "WordPress SSO with SCIM Provisioning".
  • Scim User Provisioning - Add new application
  • Add the WordPress SSO with SCIM Provisioning application.
  • Scim User Provisioning - Add App
  • Click on Done to configure the application further.
  • Scim User Provisioning - General setting
  • Navigate to the Provisioning menu of the application and Click on the Configure API Integration button.
  • Scim User Provisioning - Configure API Integration
  • Enable on Enable API Integration and enter the SCIM base URL in Base URL field and SCIM Bearer Token in API token field from the SCIM Configuration tab of the SCIM user provisioning plugin.
  • Scim User Provisioning - Enable API Integration
  • Click on Test API Credentials; if successful, a verification message appears at the top of the screen.
  • Click on Save.
  • Select To App in the left panel, then select the Provisioning Features you want to enable by clicking on Edit.
  • Scim User Provisioning - Provisioning to App
  • Click on Save
  • You can now assign people to the app (if needed) and finish the application setup.

Import WordPress Users to Okta (optional)

  • If you want to push the WordPress user to Okta then you can follow the steps below. Otherwise you can Skip this section.
    • Navigate to the provisioning section of the Okta app.
    • Select To Okta in the left panel, then select the Import feature.
      • Schedule import :- Choose an interval from the dropdown. Okta will check the list users to import users from WordPress.
      • Okta username format :- Select “Email address”.
  • User Creation and & Matching
    • You can refer to the screenshot below to check default options.
    • Scim User Provisioning - User Creation & Matching

Schema Discovery

  • miniOrange SCIM user provisioning plugin doesn’t support Schema Discovery.

Troubleshooting Tips

  • Note: WordPress doesn't allow to change userName of a user. You can change the email but not the username.
  • In case you face any issues with the setup. Please contact :- samlsupport@xecurify.com

We offer Security Solutions of Single Sign-On, Two Factor Authentication, Fraud Prevention, and much more.

Please call us at +1978 658 9387 (US), +91 77966 99612 (India), or email us at samlsupport@xecurify.com


Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com