Setting up SCIM Provisioning with Okta

You must have an existing Hive workspace with the Enterprise Security Add-on. You must also be a system-level administrator in that Hive workspace. It is also assumed you have (or in the process of) setting up SAML SSO with the Hive Okta integration as well.

After adding Hive from the Okta OIN you will verify and / or configure your 'Workspace ID' value in the "Advanced Sign-on Settings" section while editing Settings on the "Sign On" application tab in Okta (you may have already filled out this value while setting up the Hive Okta SAML integration, in which case no need to set it again). This is your workspace ID, that you can see in Hive by going to the top-right user menu (click on your Avatar) and then choose the 'Edit profile' option. From there go to the 'API Info' link on your left menu. You will see your workspace id there (and other fields we will use later in the setup as well so keep this page open). Copy this workspace ID into the 'Workspace ID' field in the Okta integration setup and click “Done”.

Next you need to click “Configure API Integration” on the Hive Provisioning tab.

The ‘API Token’ field needs to be filled in with the ‘API Key’ value you have visible on the Hive API Info page where you also copied your workspace id from.

Once entered in, test those credentials with “Test API Credentials” to validate that you can properly authenticate with the Hive SCIM API. Click ‘Save’ when done.

There should now be a Provisioning tab visible in your Okta application setup. Click on the ‘To App’ setting option. You can select any of the following options:

Click ‘Save’ when done. Please note that we do not support syncing passwords, or setting them on your user in Hive through this integration.

We currently support only the following field mappings for users:

Any other field mappings from Okta to Hive will just be ignored and not persisted within Hive.