Integration Summary
Okta is a Cloud Identity Provider which facilitates a secure and efficient Single Sign-on. We integrate with Okta to provide you with a seamless login experience. Our integration with Okta can also automatically create, deactivate, reactivate or update users in Learn Amp.
Main Features
If your company already uses OKTA, your employees can sign into the Learn Amp platform using their single sign-on details.
Security comes first. OKTA provides real-time security reporting and two-factor authentication, keeping your users’ data safe and secure.
Information that can be synced
Our ‘Out of the box’ integration with Learn Amp is able to map information from a number of predefined standard mappable fields which have been detailed in the table below:
Field in Okta | Field in Learn Amp |
|---|---|
First Name | First Name |
Last Name | Last Name |
Profile picture | Avatar |
Title | Job Title |
Language | Language |
Location | Location |
Manager | Override Manager |
Department | Primary Team |
Syncing Additional Information
It is possible to sync additional or different data points from Okta in to Learn Amp’s custom fields.
Please Note: These requests will be handled by your Implementation Coach and will require custom development work to be undertaken by our technical team. The time taken to complete this work is chargeable or can be deducted from your Implementation budget at your Coaches' discretion.
Known Limitations/ Considerations
Team Managers: The Okta integration will sync each individual users' manager into Learn Amp if the data is available to do so (manager field in Okta). This is what is known as an Override Manager in Learn Amp. The Integration does not have the ability sync Team/Department managers into Learn Amp. However, Team managers can be configured within Learn Amp to work in conjunction with Override Managers. Your Implementation Coach can provide further details on this.
Team Hierarchy: Learn Amp will create a team for each of the individual departments that are stored in your Okta account. These will be presented as a flat structure in your Learn Amp account and will not consider any parent/child relationships between your departments.
However, once you have completed your initial sync, you will be able to easily create parent/child relationships with your teams in Learn Amp which will be saved moving forward. Your Implementation Coach can provide further details on this.
How the Platforms Connect
Learn Amp connects to Okta using OpenID Connect. Okta updates Learn Amp via webhooks which you can configure within Okta.
Permissions/Scopes Required
For our integration with Okta to work effectively, the following permissions scopes are requested from Learn Amp:
???
Required Stakeholders
To set up our Integration with Okta, you will need somebody with administrator level access to your Okta account. This person will also need administrator level access to your Learn Amp Live account for the period of time in which the Integration is being set up.
Set up Instructions
Full instructions on how to set up the Okta integration can be found within your Learn Amp account. Please go to yourdomain.http://learnamp.com/en/integrations/okta
Other Frequently Asked Questions
| Expand | ||
|---|---|---|
| ||
? |
| Expand | ||
|---|---|---|
| ||
Yes. When setting up the Okta integration you will have the option to withhold invitation emails. Invitation emails can be issued at any time from the Individuals page in Learn Amp. |
| Expand | ||
|---|---|---|
| ||
You should always create new users or update existing users information in Okta, not in Learn Amp. Newly created or updated user information in Okta will automatically be synced to Learn Amp when the correct webhooks are configured. |
| Expand | ||
|---|---|---|
| ||
Users are synced at least once every 24 hours at 3am GMT, but will be immediately* synced if they are invited to Okta or sync users is selected in Learn Amp. Note: Immediate means that the action will be immediately sent to the queue, sometimes at time of peak traffic there may be minor delays. |
| Expand | ||
|---|---|---|
| ||
Typically within Learn Amp the manager is set by the users 'Primary Team' (the teams manager, becomes their manager). However for this integration, the 'Primary Team' manager will be overridden with the individuals manager within Okta. This means that teams will not have a manager, so you may wish to set these up as a sensible default if the manager field is missing within Okta. |
| Expand | ||
|---|---|---|
| ||
To authenticate the integration Learn Amp will request:
|
| Expand | ||
|---|---|---|
| ||
Yes. Okta integration supports user provisioning and/or single sign on (SSO). |
Related articles