• Log in to Okta and navigate to the Admin panel.

• Navigate to Applications > Applications and click the Create App Integration button.

• Select OIDC - OpenID Connect and Web Application and then click Next.

• Enter an App integration name and ensure that Authorization Code is checked. Then, in the Sign-in redirect URLs, enter:

https://login.puredome.com/oauth2/callback

• Under the Assignments section, select Skip group assignment for now. Click Save.

• Go to the General page of the application that you've just created. Copy Client ID and Client Secret values for later use.

• Under Sign On, navigate to the section OpenID Connect ID Token and change the Issuer to use the Okta URL. Click Save, and copy this URL into a text file for later use. 

• Navigate to the Directory section, select People, and choose the username of the user you wish to authenticate. Next, click on Assign Applications, choose the application you've generated, and click Assign. Finally, wrap it up by clicking Save and Go Back and then Done.

• Now, you can head to the PureDome console on your browser, navigate to Preferences and Single Sign-On. By choosing Okta you will be asked to enter four values as follows:

1. IDP Name: Any name you want
2. Client ID: Value copied from OKTA dashboard
3. IDP Client Secret: Value copied from OKTA dashboard
4. Issuer URL: Value copied from OKTA dashboard

• After completing all the steps above, you have successfully set up an OIDC application on your Okta with SSO enabled for PureDome.

• After enabling SCIM, you will find the SCIM Base URL and OAuth Bearer Token values in their respective tabs. Be sure to copy these values for future use.

• In the SCIM section, you’ll also see options for auto-assigning and auto-purchasing licenses. If you’d like, go ahead and enable those features!

• Log in to Okta and navigate to the Admin panel.

• Navigate to Applications > Applications and click the Create App Integration button.

• Select SWA - Secure Web Authentication and then click Next.

• Enter an App name. Then, in the App's login page URL, enter:

https://login.puredome.com/oauth2/callback

• Under How will your users sign in? section, select Administrator sets username and password & Email from Who sets the credentials and Application username drop down menu, and then click Finish. 

• Go to the General page of the application that you've just created, and then click Edit under App Settings.

• Check the box to Enable SCIM provisioning, and then click Save. 

• Go to the Provisioning page of your application, and then click Edit under SCIM Connection.

• Enter/ select the following details, then click Test Connector Configuration:
  • SCIM connector base URL: You'll find this in the PureDome console under the SCIM > SCIM Base URL tab after you create the SSO integration and enable SCIM.
  • Unique identifier field for users: userName
  • Supported provisioning actions:
    • Import New Users and Profile Updates
    • Push New Users
    • Push Profile Updates
  • Authentication Mode: You'll find this in the PureDome console under the SCIM > OAuth Bearer Token tab after you create the SSO integration and enable SCIM.

• If everything in the app is configured correctly, you will receive a successful notification. After that, click Save.

• Go to the Provisioning page of your application. Under Settings, click To App, and then click Edit.

• Check the boxes for Create Users, Update User Attributes, and Deactivate Users, and then click Save.

• Head to the Assignments section of your SCIM application, and select Assign. From there, you can choose to assign it to either individual users or groups. Once you've linked the application from Okta to either specific users or groups, return to the PureDome console. You'll see a list of users with the status "Inactive." Choose the users you want to give licenses to. Then, click Assign License to apply the licenses.

• Or if you aim to sync an entire Okta group to PureDome as a team, remember to add it under the Push Groups tab as well.