This article applies to:
Admins
Free, Premium Procurement
Estimated time: Less than 5 mins
About this article
Automatically provision and de-provision users in Vendr using Okta. This article covers creating an Okta API token, installing the integration, and syncing user profile files.
How it works
The Okta integration syncs your Okta users into Vendr in just a few clicks. Connecting Vendr to your Okta instance lets you quickly deploy Vendr across your entire organization. Whenever a user is added or leaves your organization, they'll automatically be added or removed from your Vendr organization using SCIM.
Common uses of the Okta integration
Automatically provide access to Vendr to all of your employees
Provide access to Vendr in a few clicks and keep those users in sync with your Okta directory using SCIM.
Sync key employee details
Effortlessly sync key employee details such as Name, Email, Title, and Manager from Okta to Vendr with just a few clicks.
Assign approval steps in procurement requests to an employee's manager.
Streamline the approval process by ensuring tasks are routed to the appropriate stakeholders for review.
NOTE
Installing the Okta integration does not enable SSO. βTo allow users to sign in using Okta you'll also need to configure SSO. Learn more.
Overview
To give users access to Vendr for seamless account provisioning and de-provisioning using Okta, you will:
Requirements
Must be a Vendr admin
Must be an Okta admin
Create an API Token
Sign in to your Okta organization with your administrator account
In the left-hand navigation menu select Security and then API
Select Tokens from the tab menu and then select the Create Token
Provide a name for the API token. We recommend selecting a memorable name like
Vendr SCIM IntegrationCopy the Token Value and save it on your local machine. You'll need this token value in a future step. Learn more about Okta API tokens.
Install the integration
Navigate to Vendr and then select admin and then all integrations
Look for the Okta integration under Identity providers
Locate your Okta domain by navigating to your Okta organization as an admin and clicking your username in the upper-right corner of the Admin Console. The domain appears in the dropdown menu.
Copy this domain into the API URL field while also ensuring you remove
.okta.comfrom the URL value. For example, if your domainmy-awesome-domain.okta.comyou should inputmy-aweseome-domainin the API URL field.Paste the API token you created earlier into the API Token field and then press integrate
π Congrats! Your integration is now connected.
NOTE
It may take up to 24 hours to sync all of your users. You can use this page to verify the user sync has been completed.
TIP
You can add API scopes to the API token to limit what data Vendr can access in your Okta organization. Learn more about Okta API scope.
Sync user profile fields
The Okta integration supports syncing the following user profile fields in Okta.
First Name
Last Name
Email
Manager
Job Title
NOTE
Syncing of additional fields (standard or custom) is not currently supported.
Okta Field | Vendr Field | Notes |
First name | Name |
|
Last name | Name |
|
Primary email |
| |
Title | Title |
|
ManagerId | Manager | Must be manager id or manager email |
Manager | Manager | Must be manager id or manager email |
N/A | Direct Reports | This is populated based on the user's assigned Manager in Okta |
NOTE
If you do not see these fields populated in Vendr you should verify that your user records are mapped to the appropriate Okta fields in the table.
Permissions
Vendr only accesses the following data from your Okta organization.
ποΈ Vendr will be able to view:
Data about your users
Data about your user details
π«³ Vendr will be able to do:
Nothing