Articles on: Integrations

Okta SCIM Integration

If your organization uses Okta to manage your employees access to tools and services, you can take advantage of Okta’s “Provisioning” feature to automatically grant access to Base-B to your users, and even optionally synchronize membership in select Okta Groups with Base-B user groups.

The integration between Okta and Base-B that enables this provisioning to occur is built around an industry-standard protocol known as SCIM (System for Cross-domain Identity Management). To learn more about how Okta works with SCIM, please see this article.

The remainder of this guide is focused on enabling you to configure both Base-B and Okta to get provisioning up and running for your organization.


Configuration Steps
Known Issues/Troubleshooting


The following provisioning features are supported:

Push Users: New users created through OKTA will also be created in the Base-B application.
Push Profile Updates: Updates made to the user profile through OKTA will be sent to the Base-B application.
Push User Deactivation: Deactivating the user or disabling the user's access to the application through OKTA will deactivate the user in the Base-B application. Note: For this application, deactivating a user means removing login access, but keeping the user's Base-B information as an inactive user.
Reactivate Users: User accounts in Base-B can be reactivated via OKTA.
Push Groups: Groups and their members in Okta can be sent to Base-B (like user groups in Base-B).
Import Users: New users created through Base-B application will also be created in the OKTA.


User provisioning based on the SCIM protocol is only available to paying customers.
You need to configure SAML first to make sure the Base URL field is filled under the General tab, please see this article.

Configuration Steps

Configure provisioning functionality as follows.

Enable provisioning functionality

In Base-B

To enable the provisioning that will allow the synchronization of users and groups between Base-B and Okta, it will be necessary to carry out the following steps:

In Settings > Integrations > API Keys, click "Generate Key" to generate a new API access key.

A screen with the generated key will be displayed. Copy the generated key so that the integration between Okta and Base-B by the SCIM server is possible.

Leave the browser window open and log in to your Okta instance to complete the configuration on the Okta side.

In Okta

In the OKTA admin panel, under Applications > Applications, access the Base-B application.

Access the "Provisioning" tab and go to the "Integration" option.

After that, complete the configuration form:
Enable API Integration
In the "API Token" field, inform the token previously generated in Base-B

Click on "Test Connector Configuration" to validate that the integration works and then save the settings.

Check each box for the provisioning actions supported by Base-B:

Create Users
Update user attributes
Deactivate users

Then click on the "Sign On" tab and click on "Edit".

Select "Okta username" in the "Application username format" field and click "Save".

That's it, the integration with Okta is complete.

Known Issues/Troubleshooting

If you have questions or difficulties with your Base-B/Okta SCIM integration, please contact Base-B support via

Updated on: 09/05/2023

Was this article helpful?

Share your feedback


Thank you!