I have been playing with configuring Laserfiche Cloud to use SCIM with Okta. I can confirm that the configuration of authenticating users works, as well as when I tested using JIT. But when I walk through the documentation for SCIM, my groups never show up in Laserfiche Cloud in order to create Licensing Rules. The online Laserfiche documentation doesn't say much about it. Does anyone know how it is supposed to work for that part and what I might look at to troubleshoot?
Question
Okta SCIM Groups and Laserfiche Cloud
Replies
Hi Blake,
Have you reviewed the following user doc? It covers how SCIM provisioning works for groups with Laserfiche Cloud.
Assign People or Groups to Application in Okta
https://doc.laserfiche.com/laserfiche/en-us/content/admin-account-okta-ovw.htm?tocpath=Security%7CAccount%20Administration%7CSingle%20Sign-On%20(SSO)%7CConfigure%20Single%20Sign-On%20for%20Specific%20Identity%20Providers%7C_____2
Yes, I have done that.
The documentation can definitely be refined, but just to clarify the workflow a bit:
After assigning the group, you can manually push the group from the Okta application. If the provisioning is successful, the Push Status will show Active. Otherwise, Okta will display an error message indicating what went wrong.
The online documentation says to select Push New Users and Push Profile Updates. I am guessing I also need to select Push Groups?
Yes, you need to select the Push Groups option.
K, I did that and on the Push Groups tab I select Push Groups\Find groups by name, and I can select an existing group in Okta from the field, but if I try linking to an existing group in Laserfiche Cloud it doesn't give a result to select from. If I tell it to "Create Group" it fails because a group with that name already exists. Can this only be used to create new groups?
Okay, I created a new group in Okta and configured it in the Pushed Groups. I manually pushed the group, and it appeared in Laserfiche under Users\Groups as well as in the dropdown when configuring SCIM licensing rules. The user that was added to the Okta group also appeared in Users.
I configured a SCIM licensing rule, but when I look under SCIM Licensing Synchronization State, the Last synchronization time and Synchronization status say Not Available and the user that is a member of the pushed group is not licensed.
How can I kick off that synchronization?
The licenses will be automatically assigned based on the configured SCIM license rules within 30 minutes after you create/update them. The system will also sync automatically every six hours at 00:00, 06:00, 12:00, and 18:00 UTC.