Configure Okta

In Okta, go to the admin portal, select applications, and then Browse App Catalog.

Browse the app catalog for Scalr:

2300

Select the Add Integration option to proceed to configuration.

Under the Sign On tab, go to SAML 2.0 and update Groups to Matches regex and the value is .*:

1274

Go to the Scalr account scope, click on Integrations and then Okta to obtain the IDP ID:

1436

In Okta, go to the Advanced Sign-on Settings, add the Scalr subdomain and IDP ID. Also, make sure that the Application username format in the Credentials Details in Okta is set to Email.

1368

In Okta, click on View SAML setup instructions on the right-hand side to obtain the metadata URL and paste it into Scalr:

1754

You can now verify the connection in Scalr. The SAML integration is now complete, you can set up automatic provisioning by proceeding with the rest of this document.

Provisioning Settings

❗️

Before configuring SCIM please make sure SAML is configured and enabled.

Supported Features

  • Create Users
  • Update User Attributes
  • Deactivate Users
  • Import Users
  • Import Groups
  • Group Push

Configuration Steps

Scalr supports the SCIM (System for Cross-domain Identity Management) protocol to automatically add and remove users from Scalr. To enable it, first generate the SCIM token from Scalr by going to the account settings and then the SSO section. This will be used in Okta in a later step.

1450

Open the Provisioning tab in Okta and select the Configure API Integration button. You will then see the following options:

2122

Check the Enable API Integration checkbox. Add the API token from earlier.

Once you are finished, click the Test API Credentials button to test your configuration and save.

Click on the To App tab in the provisioning settings and check off Create Users, Update User Attributes, and Deactivate Users.

2214