Provisioning setup - Okta (SCIM)

Admin of the RemotePC Team and Enterprise accounts can now set up provisioning for their users / groups from the identity provider. RemotePC supports SCIM (System for Cross-domain Identity Management) provisioning method to provision users / groups.

To setup Single Sign-On (SSO) provisioning with Okta, the admin needs to:

• Generate SCIM provisioning token with RemotePC account
• Configure SCIM provisioning
• Assign users / groups to the provisioned app

Admin needs to generate and use the SCIM (System for Cross-domain Identity Management) provisioning token to sync all the users linked with their IdP to the RemotePC account.

To generate a token,

1. Log in to RemotePC via web browser.
2. Click the username displayed on the top-right corner and click 'My Account'.
3. Navigate to the 'Single Sign-On' tab and click the 'Generate Token' button under 'Sync users from your identity provider' to generate a token.
   
   
   
   
4. Click the 'Copy Token' button to copy and save the token for future reference.
   
   
   
   
   
   
   

Once the app is created, admin can configure their account for SCIM provisioning.

To configure SCIM provisioning,

1. Log in to the Okta console using your Okta account credentials.
2. In the 'Applications' tab, click on the newly created app.
   
   
   
3. Navigate to the 'General' tab, click on the 'Edit' button corresponding to the 'App Settings' and select 'SCIM'. Click 'Save'.
   
   
   
4. Go to the 'Provisioning' tab, click 'Edit' against the 'SCIM Connection' and modify the required changes as below:
   • SCIM connector base URL: https://sso.remotepc.com/scim
   • Unique identifier field for users: userName
   • Supported provisioning actions: Click and enable the below options:
     
     1. Push New Users
     2. Push Profile Updates
     3. Push Groups
   • Authentication Mode: HTTP Header
   • Authorization: Enter the SCIM provisioning token generated on your RemotePC account
   
   
   
5. Click 'Save'.
   
   
   
6. Under the 'To App' tab, click 'Edit' against the 'Provisioning to App' option.
7. Click the 'Enable' button to enable the below options:
   • Create Users
   • Update User Attributes
   • Deactivate Users
8. Click 'Save'.
   
   
   
   
   
   
   

To start provisioning, admin needs to assign users/groups to the application and push groups.

To assign users,

1. Launch the new app on Okta console.
2. Go to the 'Assignments' tab, click'Assign' and select 'Assign to People' or 'Assign to Groups' to provision users or users in the group respectively.
   
   
   
   
   This will provision users and users in the group.

Note: If you want to add new users, go to 'Directory' > 'People' and click 'add person'.

To assign groups,

1. Launch the new app on Okta console.
2. Go to the 'Assignments' tab.
3. Click 'Assign' and select 'Assign to Groups'.
   
   
   
4. Assign the groups you would like to push. To add a new group and assign, click 'Directory' > 'Groups' > 'Add Groups' and enter the desired group name, and click 'Add group'.
5. Navigate to the 'Push Groups' tab and click the '+ Push Groups' button to add the group you would like to provision.
   
   
   
   
   
   
6. Click 'Save' to save the changes.
   
   
   
   
   

Once done, the groups will be provisioned.