You need key user permissions to do the following steps.

Please note: The following information and instructions are intended for IT specialists. They support the independent connection of Q.wiki to Okta. These instructions are dated 21.03.2024 and are not automatically updated when changes are made in Okta. If anything is unclear, instructions from Okta or the Q.wiki service can provide support.

1. Two applications must be created in Okta, one for OIDC (user authentication) and one for SCIM (user provisioning)

2. As access to Q.wiki is granted via SCIM, this application should be created first:

3. In Okta Applications "Browse App Catalog"

4. Search for "SCIM 2.0 (OAuth Bearer Token)" and add the app.

5. Assign a name for the app in General Settings, e.g. Q,wiki SCIM, confirm.
6. For Sign-On Options select Secure Web Authentication with the first option - this will not be used later.
7. Set Username format to Email 
8. In the app settings, Create Users, Update User Attributes and Deactivate Users must be activated in "To App":
9. In "Integration", Enable API integration must be enabled.
10. Copy the tenant URL and the newly generated secret from the Q.wiki dialog.

...and insert it here in the dialogue:

Test API Credentials to make sure the connection works.

Then add the desired user group to the app via assignment.

After this step, both the group and the members should appear in the Q.wiki group and user administration.

OIDC Application

1. Start "Create App Integration" in Okta Applications
2. 
3. Select "OIDC - OpenID Connect" and Web Application 
   
4. Select App Name, Grant type Authorization Code and Sign-In redirect URI from the Q.wiki dialog:
   
5. The assignment here may be set to "All in the organization", as the actual access is controlled via the SCIM app.
6. Copy the Okta domain e.g. from the user profile and paste it into the Q.wiki dialog.