Users of Okta can integrate with Insightly via SAML & SCIM and once setup has occurred in both Insightly and Okta, users can be provisioned. The process defined in this article will guide Insightly System Admins through the process of SAML & SCIM setup for Okta; this process works in tandem with the setup of SAML and SCIM within Insightly as detailed in the Setting Up SAML and SCIM Integrations article.
In this Article
- Must be on the Insightly Enterprise level plan to use SAML and SCIM.
- Must be an administrator in Insightly to configure SAML and SCIM settings.
- Using SAML, administrators can manage user access from a single place, and users can access different applications with a single login through an identity provider (IdP) like OneLogin, Okta, G Suite, Microsoft Outlook, or another IdP. This provides an organization with higher security and greater convenience.
- SCIM allows administrators to centrally provision and manage Insightly users through an Identity Provider (IdP) such as Okta or Azure Active Directory. SCIM aims to reduce the cost and complexity of user management in companies utilizing a multitude of cloud applications and services.
Add a New SAML Application and Configure SAML
- To add a new SAML application, navigate to the Applications section in your Okta admin console and click Browse App Catalog.
- Enter Insightly into the search bar. Select Insightly from the search results.
- Click Add Integration.
- Via the General Settings, enter a name for the application in the Application label field. Click Next.
- Within Insightly, navigate to System Settings > Security > SAML and SCIM. Copy the Sign-in Page URLfield.
- For configuration of SAML within Insightly, the Setting Up SAML and SCIM Integrations article can be reviewed.
- Via the Configure SAML step in Okta, paste the URL into the Sign-in page URL field.
- Select the Email option in the Application username format dropdown field. Click Done.
- To download the SAML certificate, navigate to the the Sign-on tab of the newly created app. Via the SAML Signing Certificates section, locate the first active certificate in the list. Click the Actions dropdown menu and select Download Certificate.
- Within Insightly, navigate to System Settings > Security > SAML and SCIM, upload the certificate in the Verification Certificate field and click Save. For configuration of SAML within Insightly, the Setting Up SAML and SCIM Integrations article can be reviewed.
- To configure SCIM for Okta, ensure that SCIM is enabled in Insightly by reviewing the Setting Up SAML and SCIM Integrations article.
- Via the Provisioning tab of the Insightly application within Okta, click Configure API Integration.
- Check the Enable API Integration checkbox. Paste in the SCIM Token into the API Token field.
- Press Test API Credentials to verify that you have a valid token. Click Save.
- Via the Provisioning tab, click Edit. To enable all supported SCIM operations, check the Enable checkboxes within the Create Users, Update User Attributes, and Deactivate Users sections. Click Save.
- The supported attributes can be reviewed on Provisioning to App page, towards the bottom of the page. Please note that email and emailType are read-only fields.
- Navigate to the Assignments tab. To assign users to the app, click the Assign dropdown and select Assign to People. Once a user has been assigned they will appear in Insightly shortly. Progress can be monitored in View Logs.