Q: We have Okta integrated with TeamOhana, and I am running into some issues while updating the manager information of a few users and pushing that information to TeamOhana. The error message reads "Automatic profile push of user Xx to app TeamOhana SCIM failed: Error while trying to push profile update for name@company.com. Internal Server Error. Errors reported by remote server:" Any idea what cloud be creating this error?
A: We don’t support updating Manager information via SCIM. Manager information is pulled via our HRIS integration. SCIM is only used to provision (activate) and deactivate a user. Basically we use the email address from SCIM. The rest of the employee attributes are pulled in from your HRIS so any changes there will be picked up and reflected in TeamOhana within a day or two.
Q: Can I enable SCIM to provision users within my TeamOhana SAML application?
A: No, we use two separate application methods: 1) We authenticate users via SAML and 2) we provision users with SCIM via SWA.
SCIM (System for Cross-domain Identity Management)
An open standard protocol for automated user provisioning and management
Uses RESTful APIs and JSON format to handle user identity data exchange
Automatically manages the complete user lifecycle including:
Creating new user accounts
Updating user information
Deprovisioning accounts when users leave
Provides standardized schema for common identity attributes (username, email, etc.)one for provision and one for authentication. For provisioning users, we use SWA. The steps for provisioning
How SWA Works
Users log into Okta with their credentials
The SWA browser plugin enables automatic login to configured applications
Applications appear in the Okta dashboard for one-click access
The plugin automatically fills credentials without user intervention