Manage user identities in Process Street with SCIM via Okta.

SCIM (System for Cross-Domain Identity Management)  allows you to add and remove users that you have set up in Okta.

Securely set up user roles and access to Process Street programmatically.

Plan: SCIM is an Enterprise add-on. If you are interested in enabling SCIM for your company, contact our support team, your CSM or your Account Executive.

Users: To create an API key you must be an administrator.

Docs: SCIM | Okta

SCIM Configuration for Okta

To enable SCIM on your account you will need to have your organization domain(s) registered in Process Street. Contact our support team to set this up for you.

You will also need to have an SSO integration that supports SCIM provisioning. Once that’s in place you can go ahead and follow the configuration steps.

There are three steps to set up SCIM with Process Street:

1. Create and connect the SCIM application
2. Enable provisioning
3. Set up provisioning
4. Assign users to Process Street

1. Create/Connect the Process Street SCIM Application

• From the tenant overview screen click Applications from the left menu
• Click Browse App Catalog.
• Search for the pre-built SCIM app called “SCIM 2.0 Test App (OAuth Bearer Token)” to help you get set up faster.
• Click Add Integration.
• In General Settings, for the “Application label”, put “Process Street”.
• Un-check the box for “Browser plug-in auto-submit”
• Click Next.
• In Sign-On Options, make sure the “Application username format” is set to “Okta username”.
• Click Done.

2. Enable provisioning

• Navigate to the “Provisioning” tab.
• Click Configure API Integration.
• Check the box to Enable API Integration.
• In the “SCIM 2.0 Base Url” field, add this URL: https://public-api.process.st/api/scim.
• Add a Process Street API key as the “OAuth Bearer Token” (see Generating an API key for details on how to create an API key).

3. Set up provisioning

• Choose from Okta to SCIM (i.e. “To App” in the “Settings” sidebar).
• In the “Provisioning to App” section, make sure that these are checked:
  • Create Users
  • Update User Attributes
  • Deactivate Users
• In the “Attribute Mapping” section, ensure that these fields are mapped:
  • Given name (map from Okta profile)
  • Family name (map from Okta profile)
  • Email
  • Primary email type
  • Display name
  • User type (this controls the user’s role)
• Remove any of the other fields that you don’t wish to map. If you do not, SCIM may not work.
• Scroll up and edit the enablement steps. Check the boxes for:
  • Create Users
  • Update User Attributes
  • Deactivate Users
• Click Save.

Assign users to Process Street

• Click on the “Assignments” tab.
• Click Assign, then Assign to people.
• Search for the user you’d like to add, click Assign.
• Scroll down and enter the user type (defaults to “Guest (Internal)” if not provided), can be one of:
  • Admin
  • Member
  • Guest (Internal)
  • Guest (External)
• Save and go back to add more users.

Note: When adding a Guest (Internal) or Guest (External) make sure to include the spaces and parenthesis exactly as you see them here.

FAQs

Can I add existing users in Process Street to Okta to manage them?
Yes, ensure that you have the email address and the exact user name from Process Street and you can add them into Okta.

• Learn the 5 stages of process building in our Getting started guide
• Watch helpful videos and webinars on our YouTube channel
• Learn about Process AI
• Collect info with Forms
• Organize data with Data Sets
• Get started with Pages
• Get inspired by our Blog