Connect Okta Identity Provider

Overview

You need to create two applications in Okta:

• SCIM 2.0 for user provisioning (user management)
• OIDC for user authentication (sign-in)

Set up the SCIM application first, as it controls access to Q.wiki.

Set Up the SCIM Application

1. Open Okta and go to Applications.
2. Click Browse App Catalog.
3. Search for SCIM 2.0 (OAuth Bearer Token) and add the application.
4. Enter a name for the application, such as "Q.wiki SCIM", and confirm.
5. Go to Sign-On Options and select Secure Web Authentication with the first option. This will not be used later.
6. Set the Username Format to Email.
7. Enable the following options in the App Settings under "To App":
   • Create Users
   • Update User Attributes
   • Deactivate Users
   
8. In the Attribute Mappings, you can control which attributes are transmitted. Q.wiki displays the following attributes in user profiles:
   • firstName
   • lastName
   • email
   • primaryPhone
   • postalAddress
   • department
9. Enable Enable API integration under Integration.
10. Copy the Tenant URL and the newly generated Secret from the Q.wiki dialog.
11. Paste these values into the Q.wiki dialog.
12. Click Test API Credentials to ensure the integration is working correctly.
13. Assign the desired user group to the application using Assignment.

After this step, the group and its members should appear in the Q.wiki user and group management.

Set Up the OIDC Application

1. Go to Applications and click Create App Integration.
2. Select OIDC and Web Application.
3. Enter an app name, select Authorization Code as the Grant Type, and get the Sign-In Redirect URI from the Q.wiki dialog.
4. Leave the assignment set to Everyone in your organization. Actual access is controlled by the SCIM application.
5. Copy the Okta domain (for example, from your user profile) and paste it into the Q.wiki dialog.

The integration of Okta with Q.wiki is now complete.