Teams and Businesses

Connect Okta to the 1Password SCIM bridge

Learn how to set up and use the 1Password SCIM bridge to integrate with Okta.

With 1Password Business, you can automate many common administrative tasks using the System for Cross-domain Identity Management (SCIM) bridge. It’s SCIM 2.0 compatible and works with Okta, so you can:

Provision

  • Create Users. Users created in Okta will also be created in 1Password.
  • Update User Attributes. Changing a user’s name in Okta will change their name in 1Password.
  • Deactivate Users. Deactivating a user or disabling the user’s access to 1Password in Okta will suspend the user in 1Password.

Import

  • Import Users. Users created in 1Password will be downloaded and turned in to new AppUser objects, for matching against existing Okta users.

Push Groups

  • Push Groups. Groups created in Okta will also be created in 1Password, and group membership changes in Okta will also be made in 1Password.

Before you can configure Okta, you’ll need to set up and deploy the SCIM bridge.

To get started, sign in to your account on Okta.com  , click Admin in the top right, and follow these steps.

Add the 1Password Business application to Okta

To add the 1Password Business application to Okta:

  1. Click Applications, then click Add Application.
  2. Find 1Password Business in the list and click Add. You’ll see the general settings for the integration, including the default application label “1Password Business”.
  3. Click Next, then click Done.

You’ll see the details of the application you just created.

Configure the integration

On the 1Password Business application details page, click Provisioning. Then follow these steps.

Set up API integration

  1. Click Configure API Integration in the sidebar, then turn on Enable API Integration.
  2. Enter your Base URL and API Token.

    Base URL: the URL of the TLS-secured API gateway, proxy, or load balancer where you’ve configured the 1Password SCIM bridge. For example: https://scim.example.com

    API Token: your OAuth bearer token

  3. Click Save.

Set up provisioning to 1Password

  1. Click To App in the sidebar, then click Edit.
  2. Turn on these options:

    • Create Users
    • Update User Attributes
    • Deactivate Users
  3. Click Save.

Settings

To manage assigned users and groups, click Assignments. Then click Assign and choose Assign to Peple or Assign to Groups.

To turn off synchronization, click Active and choose Deactivate.

Learn more on the Okta Help Center.

Published: