Versions Compared

Old Version 6

changes.mady.by.user Mollie Aspley

Saved on

compared with

New Version 7

changes.mady.by.user Mollie Aspley

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Integration Summary

Okta is a Cloud Identity Provider which facilitates a secure and efficient Single Sign-on. We integrate with Okta to provide you with a seamless login experience. Our integration with Okta can also automatically create, deactivate, reactivate or update users in Learn Amp.

...

Information that can be synced

Our ‘Out of the box’ user provisioning integration with Learn Amp is able to map information from a number of predefined standard mappable fields which have been detailed in the table below:

Field in Okta

Field in Learn Amp

ID

n/aHonorific Prefix

title (e.g. Dr)

First NameFirst Name

first_name

Last NameLast Name

last_name

EmailEmail

emailProfile

picturePicture URL

Avataravatar

TitleJob Title

job_title

LanguageLanguage

primary_language

City

Location

Manager

Override Manager

Department

Primary Teamprimary_location

Department

primary_team

...

Syncing Additional Information

...

Expand
titleFields in Okta

  • city

  • displayname

  • login

  • emoloyeenumber

  • division

  • countrycode

  • manageremail

  • managerid

  • hasdirectreports

  • nickname

  • secondemailmanagerid

  • joblevel

  • paygroup

  • startdate

...

Learn Amp connects to Okta using OpenID Connect. Okta updates Learn Amp via webhooks which you can configure within Okta.

Learn Amp makes 2 different API calls to Okta

...

Learn Amp performs a lookup using the the value of Okta ID. If a matching user is not found, Learn Amp will fetch user details using the value of ‘email’ from Okta. Learn Amp will update the user profile, storing the Okta ID against this user for future logins.

...

Permissions/Scopes Required

For our integration with Okta to work effectively, the following permissions scopes are requested from Learn Amp:

???

Required Stakeholders

To set up our Integration with Okta, you will need somebody with administrator level access to your Okta account. This person will also need administrator level access to your Learn Amp Live account for the period of time in which the Integration is being set up.

...

Full instructions on how to set up the Okta integration can be found within your Learn Amp account. Please go to yourdomain.http://learnamp.com/en/integrations/okta

...

Expand
titleCan I choose which group of users in Okta are synced with Learn Amp?

Yes, once the integration with Learn Amp has been enabled and is set up , you can assign an existing group or crate a new one and then add it to the Learn Amp application. Only users in groups assigned to the the Learn Amp application can be provisionedas an app within your Okta account. Only users who have been assigned the Learn Amp app on the Okta side will be synchronised to Learn Amp.

Expand
titleCan I create user accounts in Learn Amp without sending invitation emails?

Yes. When setting up the Okta integration you will have the option to withhold invitation emails. Invitation emails can be issued at any time from the Individuals page in Learn Amp.

...

Expand
titleHow often does Learn Amp sync with Okta?

Users are synced at least once every 24 hours at 3am GMT, but will be immediately* synced if they are invited to Okta or sync users is selected in Learn Amp.

Note: Immediate means that Okta sends a webhook notification to Learn Amp. We then process the action will be immediately sent to the queue, sometimes at time of peak traffic there may be minor delayscreate/update/delete action on the user. Webhooks from OKTA may take a minute or two to be sent to Learn Amp.

Expand
titleHow does Learn Amp deactivate users with Okta integraion?

?? I think this removal from the OKTA group which can be automated based on status = Active. Richard Larcombe or Taylor Williams will confirmWhen setting up webhooks on the OKTA side, you will configure various life-cycle events to trigger a notification to Learn Amp to update the user. These include “deactivation”, “deletion” and “removal from the app”. All these events will trigger deactivation of the corresponding user on the Learn Amp side.

Expand
titleDoes the Okta integration sync team managers?

Typically within Learn Amp the manager is set by the users 'Primary Team' (the teams manager, becomes their manager). However for this integration, the 'Primary Team' manager will be overridden with the individuals manager within Okta (if selected as a mappable field). This means that teams will not have a manager, so you may wish to set these up as a sensible default if the manager field is missing within Okta.

...