All Collections
Adding People
Identity & Access Management
Configure Real-Time Provisioning with Okta SCIM
Configure Real-Time Provisioning with Okta SCIM

Securely manage Lessonly users with real-time provisioning

Hannah Walt avatar
Written by Hannah Walt
Updated over a week ago

What Is SCIM?

SCIM, or System for Cross-domain Identity Management, is an open standard allowing for the automation of real-time user provisioning. Enabling SCIM provides real-time user management from Okta to Lessonly. This is a one-way relationship: data flows from Okta to Lessonly, not the other way around.

This guide provides the steps to configure user provisioning for Lessonly. It includes the following sections:

User Provisioning Updates

  • Create New Users: new users created in Okta are then created in Lessonly.

  • User Updates: updates made to a user's profile in Okta are updated in Lessonly

  • User Deactivation: deactivating a user or disabling the user's access to the Lessonly in Okta archives the user in Lessonly.

    • 💡 Important Note: When deactivating a user this in turn archives the user in Lessonly, and removes the user's data from all reporting.

  • Reactivate Users: user accounts are reactivated in Lessonly when they are reactivated in Okta or added back to the group being synced.

Okta SCIM works by silently provisioning users. This feature automatically creates new users in Lessonly, but prevents Lessonly from sending a welcome email. When content is first assigned to users created via Okta, it will arrive as an email notification.

Prerequisites

Please reach out to Lessonly Support for the proper credentials to begin setting up Okta SCIM. The Lessonly Support team will provide:

  • Username (subdomain)

  • SCIM API Key

Configuration in Okta

  1. Check Enable Provisioning.

  2. Configure the attribute mappings following the table below. Required attributes include userName, givenName, familyName, and email.

  3. Check Enable API Integration.

  4. Enter the username and password provided by Lessonly Support.

  5. Begin assigning users to the app (if necessary) and finish the application setup.

💡 Important Note: Because SCIM was built with Okta in mind, you must use its attributes. For Location, use the attribute costCenter, not the tag method. For Business Unit, use the attribute division.

Configuration Mappings

Frequently Asked Questions

Q. Does SCIM support Lessonly's hire data attribute or custom fields?

A. No, but such information can be synced via standard Okta integration. Check out this article to learn more. Unlike SCIM, standard Okta doesn't sync in real time; it runs twice daily at 6:00 AM UTC and 3:00 PM UTC.

Q. Can I use SCIM to add Lessonly users to Okta?

A. Users can only be imported from Okta to Lessonly, not vice versa.

Q. Can I use Okta SCIM to define user roles in Lessonly?

A. Okta SCIM does not support the ability to define user roles. All users are imported as learners; their roles must be manually updated in Lessonly.

Q. I'm trying to bulk deactivate users in Okta, but de-provisioning isn't working correctly. I'm still seeing active accounts in Lessonly.

A. It's likely the case that these remaining accounts existed in Okta before the provisioning integration was created. That is, their data was not sent to Lessonly in such a way that Lessonly was able to assign them an external ID (as is does when the integration is in place). Okta accounts without a Lessonly external ID will fail to de-provision when the associated Okta account is deactivated.

Questions? Contact the Support team at support@lessonly.com

Did this answer your question?