OKTA

R-Service has an Okta Verified Provisioning (SCIM) Certification.

Features

The following provisioning features are supported:

Remark: deactivating a user in R-Service means the user will not be able to access R-Service anymore and the user cannot be selected anymore in the service desk console by a service desk analyst. But be aware that all the user’s data will still be kept in R-Service. When a user with the same email address is activated in Okta, the same R-Service user record will be activated again with the link to the existing tickets.

Remark: groups, for which you want the membership to be pushed from Okta to R-Service, need to be predefined as a R-Service organization.

Prerequisites

Before you configure provisioning for R-Service, make sure you have configured the General Settings and any Sign-On Options for the R-Service app. Make sure the ‘Application username format’ is defined as ‘Email’.

Application username format

Configuration Steps

Configure your Provisioning settings for R-Service as follows:

R-Service Connection Information

Get the R-Service SCIM endpoint and R-Service SCIM bearer token via these instructions: R-Service connection information.

Remark: you need to be the account owner of the R-Service account to access these data. If you are not the account owner, ask the account owner for this info.

Open the R-Service App and Configure API Integration

Configure API Integration

Enable API Integration

Check the Provisioning to App features

Provisioning to App

Assign People to Provisioning

You need to assign the people that need to be provisioned to the R-Service app. You have the choice to assign individual people records or to assign people based on their group membership.

For people assignments, select ‘People’, search for the people records and Assign them to the App.

People Assignment

For assignment via Group membership, select ‘Groups’ and search for group records.

Group Assignment

When you select a group for provisioning, you are able to define default values for the people attributes like Preferred Language, Time Zone and Cost center.

Edit Group Assignment

Remark: when you set User type on VIP, the R-Service user will have the VIP flag set.

Push Groups

Make sure the right Okta Groups are pushed now to R-Service. Goto the ‘Push Groups’ tab, search for the Groups you want to push to R-Service and add the Groups to the list.

Push Groups

Schema Discovery

A detailed description of the SCIM Schemas API can be found on the R-Service developer site.

Troubleshooting and Tips

The OKTA users and groups that are provisioned to SCIM, can be found in the R-Service account via the Settings console. For each SCIM user and SCIM group that has been provisioned a record is to be found in these lists. You can sort the list on the ‘Provisioned At’ and ‘Updated At’ timestamps. Check for any errors.

Once the SCIM records are created in R-Service, they are processed by an automation rule that will update or create the R-Service person records. These automation rules implement another layer that you can use to make a correct mapping from OKTA person attributes to R-Service person attributes. Click on the Automation Rule execution to check the results of the execution. Click on the Actions button in the header bar to modify the Automation Rules.

4me SCIM Users View