Overview
This guide provides the steps required to configure Automated User Provisioning.
Features
The following provisioning features are supported:
- Get a list of users from the Workboard app.
- Query a set of users from the Workboard app.
- Search a set of users from the Workboard app.
- New users created through OKTA will also be created in Workboard.
- Updates flow from Okta into Workboard.
- Updates made to the user's profile from OKTA will be pushed to Workboard.
- Deactivating or disabling the user's access to the application through OKTA will deactivate the user in the Workboard application.
- Delete calls from Okta will disable the user in Workboard.
-
Workboard does not support Just-In-Time (JIT) provisioning.
Note: Deactivating a user removes that user's ability to access Workboard and the user's data is archived with the manager's account.
Requirements
Before you configure provisioning for Workboard, make sure you have the following:
- IT administrative permissions in Workboard
Note: If you see SSO Configuration under the Admin tools in Workboard, you have the correct permissions. If you do not see the SSO Configuration option, please submit a support ticket to support@workboard.com to request these permissions.
- You have received a SCIM Secret API access token from Workboard.
Note: Request an SCIM Secret API token by Submitting a support ticket to support@workboard.com.
Pro Tip: WorkBoard has an app on the Okta Marketplace.
Note: For US Orgs only
https://www.okta.com/integrations/workboard/
Note: If you're an EU Org, you'll need to create a custom OKTA application instead of using the one already available in the Okta Marketplace. A custom app should have been created when you configured SSO, if so, you should use that to also configure SCIM.
Configuration Steps
Configure your Provisioning settings as follows:
- Check the Enable provisioning features box.
- Enter https://myworkboard.com/wb/apis/scim as the Base URL
- Paste in the API token received from Workboard
- Click Test API Credentials
- Scroll down and select the Provisioning Features you want to enable. Click Next.
- Assign people to the app as required.
Troubleshooting Tips
- Re-activating an existing user will create a new instance of that user.
- Users without First Name or/and Last Name can not be created.
- Only email address is allowed for the userName parameter.
- Authentication Mode should be HTTPs Header as we use a token instead of a username and password.