{"id":39831,"date":"2024-07-18T07:14:20","date_gmt":"2024-07-18T14:14:20","guid":{"rendered":"https:\/\/coderpad.io\/?post_type=doc&#038;p=39831"},"modified":"2024-08-25T20:52:10","modified_gmt":"2024-08-26T03:52:10","slug":"okta-sso-legacy-process","status":"publish","type":"doc","link":"https:\/\/coderpad.io\/resources\/docs\/screen\/account-management\/sso\/okta-sso-legacy-process\/","title":{"rendered":"Okta SSO legacy process"},"content":{"rendered":"\n<blockquote class=\"wp-block-quote\">\n<p>\u2705 Only Enterprise plans support SSO integration. If you&#8217;d like to upgrade your plan to enable SSO, please reach out to <a href=\"mailto:sales@coderpad.io\">our sales team<\/a>.<\/p>\n<\/blockquote>\n\n\n\n<p>SSO can also be combined with User Provisioning through the SCIM protocol.<\/p>\n\n\n\n<p>Prerequisites for activating SSO on your CoderPad account:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>You must have admin rights for your CoderPad Interview account.<\/li>\n\n\n\n<li>You must have identified the proper person at your end who will be able to implement the required configuration changes on your SSO provider account, i.e. your system administrator.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"supported-sso-features\"><strong>Supported SSO features<\/strong><\/h3>\n\n\n\n<p>The CoderPad Okta integration supports SP-initiated and IdP-initiated SSO logins.<\/p>\n\n\n\n<p>It does not currently support Just-In-Time (JIT) provisioning or Single Logout.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"supported-scim-features\"><strong>Supported SCIM features<\/strong><\/h3>\n\n\n\n<p>The following SCIM operations are supported:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Creating users<\/li>\n\n\n\n<li>Updating user attributes (name, family name)<\/li>\n\n\n\n<li>Deactivating users<\/li>\n\n\n\n<li>Deprovisioning users<\/li>\n\n\n\n<li>Group management (Creation \/ Renaming \/ Deletion \/ Assign to users)<\/li>\n\n\n\n<li>Importing users in your Identity Provider<\/li>\n\n\n\n<li>Importing groups in your Identity Provider<\/li>\n<\/ul>\n\n\n\n<blockquote class=\"wp-block-quote\">\n<p>\u2705 Account-wide failure to login may occur for your users during the configuration process. Reversing the SSO activation on the account can be done at any time if the configuration fails.<\/p>\n<\/blockquote>\n\n\n\n<blockquote class=\"wp-block-quote\">\n<p>\u2139\ufe0f At any time, even when the SSO configuration is active, it is possible for an admin to log into the account using email and password credentials as long as the option to enforce SSO is not active<\/p>\n<\/blockquote>\n\n\n\n<div class=\"wp-block-rank-math-toc-block\" id=\"rank-math-toc\"><nav aria-label=\"Table of Contents\"><ul><li class=\"\"><a href=\"#supported-sso-features\">Supported SSO features<\/a><\/li><li class=\"\"><a href=\"#supported-scim-features\">Supported SCIM features<\/a><\/li><li class=\"\"><a href=\"#sso-login-subdomain\">SSO Login Subdomain<\/a><\/li><li class=\"\"><a href=\"#mandatory-sso-enforcement\">Mandatory SSO Enforcement<\/a><\/li><\/ul><\/nav><\/div>\n\n\n\n<p><\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"step-1-obtain-sso-configuration-values-from-coder-pad\">Step 1: Obtain SSO configuration values from CoderPad<\/h2>\n\n\n\n<p>To obtain the SSO values you\u2019ll need to give to your SSO provider, you\u2019ll first need to navigate to the&nbsp;<em>Team Settings<\/em>&nbsp;screen in CoderPad&nbsp;Interview by clicking on that option in the settings menu&nbsp;<img decoding=\"async\" src=\"https:\/\/d2h1bfu6zrdxog.cloudfront.net\/wp-content\/uploads\/2024\/01\/2699-fe0f@2x.png\" alt=\":gear:\">.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large is-resized\"><a href=\"https:\/\/coderpad.io\/wp-content\/uploads\/2024\/01\/image-17.png\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"208\" src=\"https:\/\/coderpad.io\/wp-content\/uploads\/2024\/01\/image-17-1024x208.png\" alt=\"An arrow pointing to the &quot;team settings&quot; option in the settings menu drop down in the top right of the screen.\" class=\"wp-image-38325\" style=\"width:1024px;height:auto\" srcset=\"https:\/\/coderpad.io\/wp-content\/uploads\/2024\/01\/image-17-1024x208.png 1024w, https:\/\/coderpad.io\/wp-content\/uploads\/2024\/01\/image-17-300x61.png 300w, https:\/\/coderpad.io\/wp-content\/uploads\/2024\/01\/image-17-768x156.png 768w, https:\/\/coderpad.io\/wp-content\/uploads\/2024\/01\/image-17-1536x313.png 1536w, https:\/\/coderpad.io\/wp-content\/uploads\/2024\/01\/image-17-18x4.png 18w, https:\/\/coderpad.io\/wp-content\/uploads\/2024\/01\/image-17.png 1916w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n<\/div>\n\n\n<p>Then, scroll down to the <em>Single Sign-On (SSO)<\/em> section and click on <strong>Configure SSO<\/strong>.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><a href=\"https:\/\/coderpad.io\/wp-content\/uploads\/2024\/01\/image-18.png\"><img loading=\"lazy\" decoding=\"async\" width=\"591\" height=\"257\" src=\"https:\/\/coderpad.io\/wp-content\/uploads\/2024\/01\/image-18.png\" alt=\"A screen shot that says &quot;Single sign-on (SSO)&quot; with a &quot;configure SSO&quot; button below that.\" class=\"wp-image-38326\" srcset=\"https:\/\/coderpad.io\/wp-content\/uploads\/2024\/01\/image-18.png 591w, https:\/\/coderpad.io\/wp-content\/uploads\/2024\/01\/image-18-300x130.png 300w, https:\/\/coderpad.io\/wp-content\/uploads\/2024\/01\/image-18-18x8.png 18w\" sizes=\"auto, (max-width: 591px) 100vw, 591px\" \/><\/a><\/figure>\n<\/div>\n\n\n<p>This will open up the SSO configuration screen. In <em>Step 1: Provide Identity Provider Metadata<\/em> you&#8217;ll see the three values you&#8217;ll need for your SSO provider:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>SP Entity ID<\/li>\n\n\n\n<li>SP Assertion Consumer URL<\/li>\n\n\n\n<li>IDP Login URL<\/li>\n<\/ul>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><a href=\"https:\/\/coderpad.io\/wp-content\/uploads\/2024\/01\/image-16.png\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"544\" src=\"https:\/\/coderpad.io\/wp-content\/uploads\/2024\/01\/image-16-1024x544.png\" alt=\"The &quot;step 1: provide identity provider metadata&quot; section with the SP entity id, sp assertion consumer url, and idp login url highlighted. \" class=\"wp-image-38324\" srcset=\"https:\/\/coderpad.io\/wp-content\/uploads\/2024\/01\/image-16-1024x544.png 1024w, https:\/\/coderpad.io\/wp-content\/uploads\/2024\/01\/image-16-300x159.png 300w, https:\/\/coderpad.io\/wp-content\/uploads\/2024\/01\/image-16-768x408.png 768w, https:\/\/coderpad.io\/wp-content\/uploads\/2024\/01\/image-16-18x10.png 18w, https:\/\/coderpad.io\/wp-content\/uploads\/2024\/01\/image-16.png 1427w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n<\/div>\n\n\n<h2 class=\"wp-block-heading\" id=\"step-2-configure-okta\">Step 2: Configure Okta<\/h2>\n\n\n\n<p>1. Log on to the Okta Admin interface<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter\"><a href=\"https:\/\/d2h1bfu6zrdxog.cloudfront.net\/wp-content\/uploads\/2022\/08\/img_62f550f3e4fde.png\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" src=\"https:\/\/d2h1bfu6zrdxog.cloudfront.net\/wp-content\/uploads\/2022\/08\/img_62f550f3e4fde.png\" alt=\"Okta &quot;My apps&quot; tab on left nav selected and an arrow pointing to the &quot;Admin&quot; button.\"\/><\/a><\/figure>\n<\/div>\n\n\n<p>2. In the menu select  <strong>Applications <\/strong>&gt; <strong>Applications<\/strong>:<\/p>\n\n\n<div class=\"wp-block-image is-resized\">\n<figure class=\"aligncenter\"><a href=\"https:\/\/d2h1bfu6zrdxog.cloudfront.net\/wp-content\/uploads\/2022\/08\/img_62f550f5765a1.png\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" src=\"https:\/\/d2h1bfu6zrdxog.cloudfront.net\/wp-content\/uploads\/2022\/08\/img_62f550f5765a1.png\" alt=\"The &quot;Applications&quot; item in the left nav is highlighted and there is an arrow pointing to the hamburger menu item next to the &quot;okta&quot; logo.\"\/><\/a><\/figure>\n<\/div>\n\n\n<p>3. Select <strong>Create App Integration<\/strong> and then select <strong>SAML 2.0<\/strong>. Click <strong>Next<\/strong> to proceed:<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter\"><a href=\"https:\/\/d2h1bfu6zrdxog.cloudfront.net\/wp-content\/uploads\/2022\/08\/img_62f550f65ac0f.png\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" src=\"https:\/\/d2h1bfu6zrdxog.cloudfront.net\/wp-content\/uploads\/2022\/08\/img_62f550f65ac0f.png\" alt=\"Arrow pointing to the &quot;create app integration&quot; button in the top right of the window.\"\/><\/a><\/figure>\n<\/div>\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><a href=\"https:\/\/d2h1bfu6zrdxog.cloudfront.net\/wp-content\/uploads\/2022\/08\/image-17.png\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" width=\"773\" height=\"434\" src=\"https:\/\/d2h1bfu6zrdxog.cloudfront.net\/wp-content\/uploads\/2022\/08\/image-17.png\" alt=\"&quot;Create a new app integration&quot; page with the &quot;SAML 2.0&quot; option highlighted and selected. \" class=\"wp-image-13887\" srcset=\"https:\/\/coderpad.io\/wp-content\/uploads\/2022\/08\/image-17.png 773w, https:\/\/coderpad.io\/wp-content\/uploads\/2022\/08\/image-17-300x168.png 300w, https:\/\/coderpad.io\/wp-content\/uploads\/2022\/08\/image-17-768x431.png 768w\" sizes=\"auto, (max-width: 773px) 100vw, 773px\" \/><\/a><\/figure>\n<\/div>\n\n\n<p>4. Add these general settings:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Name <\/strong>= CoderPad<\/li>\n\n\n\n<li><strong>Logo <\/strong>= <a href=\"https:\/\/coderpad.io\/wp-content\/themes\/coderpad-red\/assets\/logos\/coderpad-monotone.svg\" download=\"\">Download this logo<\/a> <\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Configure SAML: \n<ul class=\"wp-block-list\">\n<li><strong>Single sign on URL<\/strong> = IDP Login URL<\/li>\n\n\n\n<li><strong>Audience URI<\/strong> (SP Entity ID) = SP Entity ID<\/li>\n\n\n\n<li>Uncheck <strong>Use this for Recipient URL and Destination URL<\/strong><\/li>\n\n\n\n<li><strong>Recipient URL<\/strong> = SP Assertion Consumer URL<\/li>\n\n\n\n<li><strong>Destination URL<\/strong> = SP Assertion Consumer URL<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<p>The resulting SAML settings should look like this:<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><a href=\"https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-9.png\"><img loading=\"lazy\" decoding=\"async\" width=\"834\" height=\"534\" src=\"https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-9.png\" alt=\"The SAML settings screen. SSO URL is https:\/\/saml.coderpad.io\/login?idp=XXX, the recipient and destination url is https:\/\/cognito.coderpad.io\/saml2\/idpresponse, and the audience uri is urn:amazon:cognito:sp:us-east-1_y3aJWInG6.\" class=\"wp-image-37606\" srcset=\"https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-9.png 834w, https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-9-300x192.png 300w, https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-9-768x492.png 768w, https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-9-18x12.png 18w\" sizes=\"auto, (max-width: 834px) 100vw, 834px\" \/><\/a><\/figure>\n<\/div>\n\n\n<p>For the other fields, use these values:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Name ID format<\/strong> = Unspecified<\/li>\n\n\n\n<li><strong>Application username<\/strong> = Email<\/li>\n<\/ul>\n\n\n\n<p>5. Add the attribute statements (the SAML won&#8217;t work without them):<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Name <\/strong>= User.Email<\/li>\n\n\n\n<li><strong>Value <\/strong>= user.email<\/li>\n<\/ul>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><a href=\"https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-11.png\"><img loading=\"lazy\" decoding=\"async\" width=\"728\" height=\"285\" src=\"https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-11.png\" alt=\"The attribute statement window is shown for the User.Email = user.email value.\" class=\"wp-image-37609\" srcset=\"https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-11.png 728w, https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-11-300x117.png 300w, https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-11-18x7.png 18w\" sizes=\"auto, (max-width: 728px) 100vw, 728px\" \/><\/a><\/figure>\n<\/div>\n\n\n<blockquote class=\"wp-block-quote\">\n<p>\u26a0\ufe0f When <code>user.email<\/code> contains uppercase (even just first letter capitalization) letters, CoderPad won\u2019t be able to match the user so it will end up in an login error. To solve this issue, please review and follow <a href=\"https:\/\/support.okta.com\/help\/s\/article\/Converting-Okta-Usernames-to-Lowercase-for-Application-Assignment?language=en_US\" target=\"_blank\" rel=\"noopener\">this document from OKTA Support<\/a>.<\/p>\n\n\n\n<p>This knowledge base article demonstrates how to convert Okta usernames to all lowercase characters when assigning users to an application. The provided solution leverages the Okta Expression Language to create a custom application username format.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><a href=\"https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-12.png\"><img loading=\"lazy\" decoding=\"async\" width=\"774\" height=\"826\" src=\"https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-12.png\" alt=\"In the SAML settings the &quot;application username&quot; entry is shown. it is set to custom, and then String.toLowerCase(user.email) has been entered in the text box. Below that, String.toLowerCase(user.email) is also shown as a value for User.Email key.\" class=\"wp-image-37611\" srcset=\"https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-12.png 774w, https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-12-281x300.png 281w, https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-12-768x820.png 768w, https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-12-11x12.png 11w\" sizes=\"auto, (max-width: 774px) 100vw, 774px\" \/><\/a><\/figure>\n<\/div><\/blockquote>\n\n\n\n<p>6. Next, you&#8217;ll need to obtain the Identity provider metadata file from Okta. In the Sign On tab of the Application, copy or download the Identity Provider metadata file.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><a href=\"https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-13.png\"><img loading=\"lazy\" decoding=\"async\" width=\"727\" height=\"857\" src=\"https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-13.png\" alt=\"Sign on methods screen with an arrow pointing to the &quot;identity provider metadata&quot; link.\" class=\"wp-image-37616\" srcset=\"https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-13.png 727w, https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-13-254x300.png 254w, https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-13-10x12.png 10w\" sizes=\"auto, (max-width: 727px) 100vw, 727px\" \/><\/a><\/figure>\n<\/div>\n\n\n<p>7. Back on the CoderPad <em>SSO Settings <\/em>page, upload or paste the file into the respective input box.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><a href=\"https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-14.jpg\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"387\" src=\"https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-14-1024x387.jpg\" alt=\"The coderpad SSO settings screen is shown with the file selection and xml text box options shown.\" class=\"wp-image-37620\" srcset=\"https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-14-1024x387.jpg 1024w, https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-14-300x113.jpg 300w, https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-14-768x291.jpg 768w, https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-14-1536x581.jpg 1536w, https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-14-18x7.jpg 18w, https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-14.jpg 1882w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n<\/div>\n\n\n<p>7. Test the configuration: Ask one of your users to login through SSO to check that it is working before proceeding to the user provisioning steps.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"adding-scim-user-provisioning\" style=\"text-transform:uppercase\"><strong>Adding SCIM User Provisioning<\/strong><\/h4>\n\n\n\n<p>Once SSO has been activated, User Provisioning can be turned on using the SCIM protocol:<\/p>\n\n\n\n<p>1. In Okta, select the <strong>CoderPad <\/strong>application then <strong>General<\/strong> &gt; <strong>App Settings<\/strong> &gt; <strong>Edit<\/strong>.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><a href=\"https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-14.png\"><img loading=\"lazy\" decoding=\"async\" width=\"635\" height=\"245\" src=\"https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-14.png\" alt=\"Coderpad configuration screen with an arrow pointing to the &quot;general&quot; tab. The &quot;edit&quot; button in the top right of the app settings section is highlighted. \" class=\"wp-image-37628\" srcset=\"https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-14.png 635w, https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-14-300x116.png 300w, https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-14-18x7.png 18w\" sizes=\"auto, (max-width: 635px) 100vw, 635px\" \/><\/a><\/figure>\n<\/div>\n\n\n<p>2. Then under <em>Provisioning <\/em>select <strong>SCIM<\/strong> and click <strong>Save<\/strong>.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter\"><a href=\"https:\/\/d2h1bfu6zrdxog.cloudfront.net\/wp-content\/uploads\/2022\/08\/img_62f550f993896.png\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" src=\"https:\/\/d2h1bfu6zrdxog.cloudfront.net\/wp-content\/uploads\/2022\/08\/img_62f550f993896.png\" alt=\"In the provisioning section the &quot;SCIM&quot; option is selected and highlighted. \"\/><\/a><\/figure>\n<\/div>\n\n\n<p>3. From the new <em>Provisioning <\/em>tab, click on <strong>Edit<\/strong> in the SCIM Connection section.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><a href=\"https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-15.png\"><img loading=\"lazy\" decoding=\"async\" width=\"770\" height=\"293\" src=\"https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-15.png\" alt=\"Coderpad configuration screen with an arrow pointing to the &quot;provisioning&quot; tab. In the SCIM connection section the &quot;edit&quot; button is highlighted.\" class=\"wp-image-37629\" srcset=\"https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-15.png 770w, https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-15-300x114.png 300w, https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-15-768x292.png 768w, https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-15-18x7.png 18w\" sizes=\"auto, (max-width: 770px) 100vw, 770px\" \/><\/a><\/figure>\n<\/div>\n\n\n<p>4. Enter in the following configurations:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>SCIM connector base URL<\/strong> = SCIM URL<\/li>\n\n\n\n<li><strong>Unique identifier field for users<\/strong> = email<\/li>\n\n\n\n<li><strong>Supported provisioning actions<\/strong> = Select all the options<\/li>\n\n\n\n<li><strong>Authentication Mode<\/strong> = HTTP Header<\/li>\n\n\n\n<li><strong>Bearer Token <\/strong>(HTTP Header &gt; Authorization &gt; Bearer Token) = SCIM Authentication Token<\/li>\n<\/ul>\n\n\n\n<p>The <strong>Test Connector Configuration<\/strong> action should be successful at this point.<\/p>\n\n\n\n<p>5. Edit the provisioning. Navigate to <strong>Provisioning <\/strong>&gt; <strong>Settings <\/strong>&gt; <strong>To App<\/strong> and select <strong>Edit<\/strong>:<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter\"><a href=\"https:\/\/d2h1bfu6zrdxog.cloudfront.net\/wp-content\/uploads\/2022\/08\/img_62f550fa57554.png\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" src=\"https:\/\/d2h1bfu6zrdxog.cloudfront.net\/wp-content\/uploads\/2022\/08\/img_62f550fa57554.png\" alt=\"Codingame configuration screen with an arrow pointing to the &quot;provisioning&quot; tab. in the left nav the &quot;to app&quot; option is highlighted.\"\/><\/a><\/figure>\n<\/div>\n\n\n<p>6. Check <strong>Create Users, Update User Attributes, Deactivate Users<\/strong>.<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><a href=\"https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-23.png\"><img loading=\"lazy\" decoding=\"async\" width=\"795\" height=\"820\" src=\"https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-23.png\" alt=\"The provisioning to app screen is shown, with  create users, update user attributes, and deactivate user options shown.\" class=\"wp-image-37771\" srcset=\"https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-23.png 795w, https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-23-291x300.png 291w, https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-23-768x792.png 768w, https:\/\/coderpad.io\/wp-content\/uploads\/2023\/12\/image-23-12x12.png 12w\" sizes=\"auto, (max-width: 795px) 100vw, 795px\" \/><\/a><\/figure>\n<\/div>\n\n\n<p>7. Click <strong>Save<\/strong>.<\/p>\n\n\n\n<p>8. Go to the <strong>Push Groups<\/strong> tab of the App<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter\"><a href=\"https:\/\/d2h1bfu6zrdxog.cloudfront.net\/wp-content\/uploads\/2022\/08\/img_62f550faee1f5.png\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" src=\"https:\/\/d2h1bfu6zrdxog.cloudfront.net\/wp-content\/uploads\/2022\/08\/img_62f550faee1f5.png\" alt=\"Codingame configuration screen with an arrow pointing to the &quot;Push groups&quot; tab.\"\/><\/a><\/figure>\n<\/div>\n\n\n<p>9. Click <strong>Push groups<\/strong> &gt;<strong>Find groups by name<\/strong><\/p>\n\n\n<div class=\"wp-block-image is-resized\">\n<figure class=\"aligncenter\"><a href=\"https:\/\/d2h1bfu6zrdxog.cloudfront.net\/wp-content\/uploads\/2022\/08\/img_62f550fb6fbd9.png\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" src=\"https:\/\/d2h1bfu6zrdxog.cloudfront.net\/wp-content\/uploads\/2022\/08\/img_62f550fb6fbd9.png\" alt=\"In the push groups dropdown menu there is an arrow pointing to the &quot;find groups by name&quot; option.\"\/><\/a><\/figure>\n<\/div>\n\n\n<blockquote class=\"wp-block-quote\">\n<p>\u2705It is recommended to select all groups assigned to the Okta App<\/p>\n<\/blockquote>\n\n\n\n<p>10. Click <strong>Save.<\/strong><\/p>\n\n\n\n<p>11. SCIM provisioned users will automatically have user rights but not admin rights. To manage permissions through SCIM <strong>please create different groups and let our <a href=\"mailto:support@coderpad.io\">support team<\/a> know which group should have which <a href=\"https:\/\/coderpad.io\/resources\/docs\/interview\/account-mgmt\/managing-users\/\">permissions<\/a> <\/strong>(<em>Admin <\/em>or <em>Member<\/em>); otherwise your CoderPad users may not have the appropriate access.<\/p>\n\n\n\n<p>12. From now on users added to your groups will be automatically created in CoderPad with the proper set of permissions.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote\">\n<p>\u2705 After you assign new users with SCIM:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Have them connect through your company&#8217;s Okta tile first.<\/li>\n\n\n\n<li>They will then receive an email with a link where they will need to click to verify their email address.<\/li>\n\n\n\n<li>Then they will need to go to <a href=\"https:\/\/app.coderpad.io\/login\">https:\/\/app.coderpad.io\/login<\/a> and enter their email address once to get created.<\/li>\n\n\n\n<li>Finally, they can click on the Coderpad tile in OKTA to actually login.<\/li>\n<\/ol>\n<\/blockquote>\n\n\n\n<p>13. Proceed to <a href=\"#step-3-finish-sso-configuration-in-coder-pad\">Step 3: Finish SSO configuration in CoderPad<\/a> to finish up the SSO configuration.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"step-3-finish-sso-configuration-in-coder-pad\">Step 3: Finish SSO configuration in CoderPad<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"sso-login-subdomain\"><strong>SSO Login Subdomain<\/strong><\/h3>\n\n\n\n<p>Now that you\u2019ve configured your IdP information, you\u2019re able to customize your SSO login subdomain. This will give you a dedicated sign in page specifically for your organization.<\/p>\n\n\n<div class=\"wp-block-image is-resized\">\n<figure class=\"aligncenter size-large\"><a href=\"https:\/\/d2h1bfu6zrdxog.cloudfront.net\/wp-content\/uploads\/2021\/08\/image-5.png\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"300\" src=\"https:\/\/coderpad.io\/wp-content\/uploads\/2021\/08\/image-5-1024x300.png\" alt=\"Customize Sign-In with the set subdomain of &quot;yourcompany.coderpad.io&quot;\" class=\"wp-image-2228\" srcset=\"https:\/\/coderpad.io\/wp-content\/uploads\/2021\/08\/image-5-1024x300.png 1024w, https:\/\/coderpad.io\/wp-content\/uploads\/2021\/08\/image-5-300x88.png 300w, https:\/\/coderpad.io\/wp-content\/uploads\/2021\/08\/image-5-768x225.png 768w, https:\/\/coderpad.io\/wp-content\/uploads\/2021\/08\/image-5.png 1032w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n<\/div>\n\n\n<p><br>You should direct your users to use this subdomain for login; they\u2019ll be greeted with a welcoming login screen specifically for SSO users to reduce confusion.<\/p>\n\n\n\n<p>However, if one of your users accidentally attempts to login through other CoderPad pages &#8211; such as our homepage login button &#8211; we\u2019ll redirect them to the correct location upon email input.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"mandatory-sso-enforcement\"><strong>Mandatory SSO Enforcement<\/strong><\/h3>\n\n\n\n<p>While we allow organizations to have both SSO and more traditional email\/password user accounts, <strong>we recommend you enforce SSO login<\/strong>. The benefits of doing this are:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Simplification of organization-wide authentication<\/li>\n\n\n\n<li>Reduced\/simplified IT support requests<\/li>\n\n\n\n<li>Ability to add security precautions (such as 2FA)<\/li>\n<\/ul>\n\n\n\n<p>To make SSO mandatory, simply select the <strong>Enforce SSO<\/strong> checkbox in the step 3 section.<\/p>\n","protected":false},"parent":8947,"menu_order":0,"template":"","class_list":["post-39831","doc","type-doc","status-publish","hentry"],"acf":[],"_links":{"self":[{"href":"https:\/\/coderpad.io\/wp-json\/wp\/v2\/doc\/39831","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/coderpad.io\/wp-json\/wp\/v2\/doc"}],"about":[{"href":"https:\/\/coderpad.io\/wp-json\/wp\/v2\/types\/doc"}],"version-history":[{"count":7,"href":"https:\/\/coderpad.io\/wp-json\/wp\/v2\/doc\/39831\/revisions"}],"predecessor-version":[{"id":40690,"href":"https:\/\/coderpad.io\/wp-json\/wp\/v2\/doc\/39831\/revisions\/40690"}],"up":[{"embeddable":true,"href":"https:\/\/coderpad.io\/wp-json\/wp\/v2\/doc\/8947"}],"wp:attachment":[{"href":"https:\/\/coderpad.io\/wp-json\/wp\/v2\/media?parent=39831"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}