Single Sign-On provisioning setup - Okta (SCIM)
Admin of the RemotePC Team and Enterprise accounts can now set up provisioning for their users / groups from the identity provider. RemotePC supports SCIM (System for Cross-domain Identity Management) provisioning method to provision users / groups.
To setup Single Sign-On (SSO) provisioning with Okta, the admin needs to:
- Generate SCIM provisioning token with RemotePC account
- Configure SCIM provisioning
- Assign users / groups to the provisioned app
Admin needs to generate and use the SCIM (System for Cross-domain Identity Management) provisioning token to sync all the users linked with their IdP to the RemotePC account.
To generate a token,
- Melden Sie sich über einen Webbrowser bei RemotePC an.
- Klicken Sie auf den oben rechts angezeigten Benutzernamen und dann auf "Mein Konto".
- Navigieren Sie zur Registerkarte "Single Sign-On" und klicken Sie unter "Sync users from your identity provider" auf die Schaltfläche "Generate Token", um ein Token zu erzeugen.
- Klicken Sie auf die Schaltfläche "Token kopieren", um das Token zu kopieren und für eine spätere Verwendung zu speichern.
Once the app is created, admin can configure their account for SCIM provisioning.
To configure SCIM provisioning,
- Log in to the Okta console using your Okta account credentials.
- In the 'Applications' tab, click on the newly created app.
- Navigate to the 'General' tab, click on the 'Edit' button corresponding to the 'App Settings' and select 'SCIM'. Click 'Save'.
- Go to the 'Provisioning' tab, click 'Edit' against the 'SCIM Connection' and modify the required changes as below:
- SCIM connector base URL: https://sso.remotepc.com/scim
- Unique identifier field for users: userName
- Supported provisioning actions: Click and enable the below options:
- Push New Users
- Push Profile Updates
- Push Groups
- Authentication Mode: HTTP Header
- Authorization: Enter the SCIM provisioning token generated on your RemotePC account
- Klicken Sie auf "Speichern".
- Under the 'To App' tab, click 'Edit' against the 'Provisioning to App' option.
- Click the 'Enable' button to enable the below options:
- Create Users
- Update User Attributes
- Deactivate Users
- Klicken Sie auf "Speichern".
To start provisioning, admin needs to assign users/groups to the application and push groups.
To assign users,
- Launch the new app on Okta console.
- Go to the 'Assignments' tab, click'Assign' and select 'Assign to People' or 'Assign to Groups' to provision users or users in the group respectively.
This will provision users and users in the group.
Note: If you want to add new users, go to 'Directory' > 'People' and click 'add person'.
To assign groups,
- Launch the new app on Okta console.
- Go to the 'Assignments' tab.
- Click 'Assign' and select 'Assign to Groups'.
- Assign the groups you would like to push. To add a new group and assign, click 'Directory' > 'Groups' > 'Add Groups' and enter the desired group name, and click 'Add group'.
- Navigate to the 'Push Groups' tab and click the '+ Push Groups' button to add the group you would like to provision.
- Click 'Save' to save the changes.
Once done, the groups will be provisioned.