Versions Compared

Old Version 2

changes.mady.by.user Mollie Aspley

Saved on

compared with

New Version 3

changes.mady.by.user Mollie Aspley

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • If your company already uses OKTAOkta, your employees can sign into the Learn Amp platform using their single sign-on details.

  • Security comes first. OKTA Okta provides real-time security reporting and two-factor authentication, keeping your users’ data safe and secure.

  • If provisioning is enabled, Learn Amp will create new users as well as update and deactivate existing ones automatically to reflect changes made in Okta

...

Information that can be synced

...

Field in Okta

Field in Learn Amp

ID

n/a

First Name

First Name

Last Name

Last Name

Email

Email

Profile picture

Avatar

Title

Job Title

Language

Language

LocationCity

Location

Manager

Override Manager

Department

Primary Team

...

It is possible to sync additional or different data points from Okta in to Learn Amp’s custom fields.

Expand
titleFields in Okta

  • city

  • displayname

  • login

  • emoloyeenumber

  • division

  • countrycode

  • manageremail

  • hasdirectreports

  • nickname

  • secondemail

  • managerid

  • joblevel

  • paygroup

  • startdate

Please Note: These requests will be handled by your Implementation Coach and will require custom development work to be undertaken by our technical team. The time taken to complete this work is chargeable or can be deducted from your Implementation budget at your Coaches' discretion.

...

Learn Amp connects to Okta using OpenID Connect. Okta updates Learn Amp via webhooks which you can configure within Okta.

Learn Amp makes 2 different API calls to Okta

Expand
titleFetch a single user

Called when Learn Amp receives webhook notification that a single user’s details have changed.

Expand
titleFetch all users

Called every 24 hours to ensure that all user details are up to date.

Learn Amp uses Okta ID in its API calls to fetch a user’s details. Learn Amp does not display the Okta ID to end users in Learn Amp. Additionally, Learn Amp will fetch user details by looking up Email in Okta if we do have the Okta ID stored yet for the user.

...

User provisioning

Learn Amp performs a lookup using the the value of ‘email’ from Okta. If a matching user is not found in Learn Amp, Learn Amp creates the user and stores the Okta ID against this user for future logins.

Single sign on (SSO)

Learn Amp performs a lookup using the the value of Okta ID. If a matching user is not found, Learn Amp will fetch user details using the value of ‘email’ from Okta. Learn Amp will update the user profile, storing the Okta ID against this user for future logins.

...

Permissions/Scopes Required

...

Expand
titleHow often does Learn Amp sync with Okta?

Users are synced at least once every 24 hours at 3am GMT, but will be immediately* synced if they are invited to Okta or sync users is selected in Learn Amp.

Note: Immediate means that the action will be immediately sent to the queue, sometimes at time of peak traffic there may be minor delays.

Expand
titleHow does Learn Amp deactivate users with Okta integraion?

??

Expand
titleDoes the Okta integration sync team managers?

Typically within Learn Amp the manager is set by the users 'Primary Team' (the teams manager, becomes their manager). However for this integration, the 'Primary Team' manager will be overridden with the individuals manager within Okta. This means that teams will not have a manager, so you may wish to set these up as a sensible default if the manager field is missing within Okta.

...