Kubiya LogoKubiya Developer Docs
Identity Providers/Okta Integration

Enable Users Auto-Sync

Automatically synchronize users from Okta to Kubiya

Enable Users Auto-Sync with Okta

Step 1: Create App Integration in Okta

  1. Go to your Okta admin page {{org}}-admin.okta.com/admin/apps/active
  2. Click on Create App Integration
  3. In the popup modal, choose SWA - Secure Web Authentication and click next
  4. Change settings as needed and click finish

Step 2: Enable SCIM Provisioning

  1. In the General tab, click on Edit in the App Settings section
  2. Check Enable SCIM provisioning and click save

Step 3: Configure SCIM Integration

  1. In the Provisioning tab, edit Integration settings as follows:
    • SCIM connector base URL - Will be provided by Kubiya
    • Unique identifier field for users - userName (can be changed from Okta account to other)
    • Supported provisioning actions:
      • Import New Users and Profile Updates
      • Push New Users
      • Push Profile Updates
    • Authentication Mode - HTTP Header
    • Authorization - Will be provided by Kubiya
  2. Click Test Connector Configuration to verify the settings

Step 4: Configure Application Settings

  1. In the same Provisioning tab, edit the To App settings
  2. Enable the following options:
    • Create Users
    • Update User Attributes
    • Deactivate Users
  3. Click Save

Step 5: Adjust Attribute Mappings

  1. Remove (user.email != null && user.email != '') ? 'work' : '' from the email mapping

Step 6: Assign User Groups

  1. Under Assignments, add the same group from Kubiya Login App to sync only those users

Enable Okta Login

Configure Kubiya to authenticate users via Okta SSO

Connect to AWS

Connect one or more AWS roles to the Kubiya platform for agent use.

On this page