Versions Compared

Old Version 1

changes.mady.by.user Richard Larcombe

Saved on

compared with

New Version 2

changes.mady.by.user Alice Wharton

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Set up new starters automatically (and sync existing users) via Okta. Keep all your data in sync.

Why set up the Okta integration?

  • Have new joiners set up automatically.

  • Sync all existing users.

  • Full name, Email, Team and Job title pulled in

    automatically 

    automatically. 

How do I get access to the Okta integration

The Learn Amp team will need to enable the integration for you to access the details. Please contact us to get this set up for you. After this, the setup will be visible for admins and owners by clicking their profile image > Integrations > Okta Okta. 

Is there anything I need to be aware of before setting up?

Setting up teams and managers

Typically within Learn Amp the manager is set by the users 'Primary Team' (the teams manager, becomes their manager). However for this integration, the 'Primary Team' manager will be overridden with the individuals manager within Okta. This means that teams will not have a manager, so you may wish to set these up as a sensible default if the manager field is missing within Okta.

Managers can view team members details, objectives, 1-to-1s, set tasks for them etc.

(View our ideas on future improvements to the way teams and managers will be set up at the bottom of this article).

To set up your okta integration:

Note: All users must have a valid email address  in address in HiBob for the integration to work.

  1. Sign in to your okta account: https://www.okta.com.

  2. Click your account in right upper corner and click 'Your Org'.

  3. You should get redirected to

    okta

    Okta admin

    dashboard 

    dashboard. 

    DashboardImage Modified

  4. In the top navigation bar,

    click Settings tab and choose Features

    click Settings tab and choose Features.

  5. In

    the Features page

    the Features page make sure,

    that Event Hooks box

    that Event Hooks box is checked.

  6. In the top navigation bar,

    click Applications tab
  7. Click Add Application
  8. Click Create New App
  9. Select Web as Platform
  10. Select OpenID Connect as Sign on method

    click Applications tab.

  11. Click Add Application.

  12. Click Create New App.

  13. Select Web as Platform.

  14. Select OpenID Connect as Sign on method. 

    Form1Image Modified
  15. Click Create

    Click Create.

  16. Fill in the following

    form 

    form. 

    Form2Image Modified

  17. Fill

    in Application

    in Application Name.

  18. As Login

    As Login redirect

    URIs provide

    URIs provide:

     Copy

  19. Next

    to Login redirect URIs click Add URI and

    to Login redirect URIs click Add URI and provide:

     Copy

  20. Click Save 

    Click Save 

    Filled formImage ModifiedClick Done

  21. Click Done.

  22. If you get stuck, please refer to the Okta's documentation:https://developer.okta.com/docs/guides/saml-application-setup/overview/.

  23. On the bottom of the page, there is

    Client Credentials panelCopy Client ID and Client Secret and

    a Client Credentials panel.

  24. Copy Client ID and Client Secret and paste then into corresponding fields above

  25. Click Sign On tab
  26. Find OpenID Connect ID Token panel

    .

  27. Click Sign On tab.

  28. Find OpenID Connect ID Token panel.

  29. Copy link next

    to issuer and

    to issuer and paste the link

    in Issuer field

    in Issuer field above.

  30. Make sure, your user is assigned to the app

    :
  31. Click Assignments tab
  32. From Assign dropdown and click Assign

    .

  33. Click Assignments tab.

  34. From Assign dropdown and click Assign to People button.

  35. Click Assign next

    Click Assign next to your user name.

    Click Done

  36. Click Done.

  37. On the Okta site, in the top navigation bar,

    below Security tab click APIlinkClick Create Token button

    below Security tab click API link.

  38. Click Create Token button.

  39. Fill in the name field and

    click Create

    click Create Token.

  40. Copy

    the Token Value and

    the Token Value and paste it into

    the API Token field above

    the API Token field above.

  41. Save the form.

  42. Before continuing integration, please make Okta admin user is assigned to the Okta app, in Okta domain.

  43. Congratulations! The integration is finalised!

How do I make sure the users Sync?

Users are synced at least 24 hours, but will be 'immediately'* synced if...

  • They are invited to HiBob and match the criteria above (e.g. start date = today).

  • Sync users button is

    pressed 

    pressed. 

Note: Immediate means that the action will be immediately sent to the queue, sometimes at time of peak traffic there may be minor delays.

_________________________________________

Future improvement to teams and managers

We will give an option on the integration on how the manager will be handled by the system.

How should managers be handled?

  1. Set manager at an individual level: Directly match the data in Okta, by setting a manager on an individual using our 'Override manager' setting.

  2. Set manager at a team level: When the first user is added to a team, take their manager as the manager of that team

 

  1. . 

Please let us know if you need any further help or have any suggestions for improvements to this article: support@learnamp.com