Slab supports SCIM via Okta, allowing you to streamline your process without having to manually create or provision user accounts for every new hire, giving your entire team easy access to Slab.
Note: Before using SCIM, you must set up the SAML 2.0 integration with Okta.
The following SCIM features are supported:
- Create users: Users in Okta that are assigned to the Slab application in Okta are automatically added as members to your organization in Slab.
- Update users: Updating user attributes in Okta will push them to Slab as well and reflect those changes.
- Deactivate users: Deactivating or deleting users in Okta will automatically deactivate those users in Slab as well.
Features currently restricted or not supported yet are:
- Groups: Slab does not support any of the SCIM Group features at the moment, but this may change in the future.
- Syncing Passwords: Slab does not support automatically updating user passwords in Slab when updated in Okta. As a workaround, you can force SSO-only in authentication settings to not worry about user passwords at all.
- You must have an Okta account and be on the Business or Enterprise plan for Slab.
- You must already have SAML 2.0 integration configured.
1. Set up the SAML 2.0 integration if you haven't already.
2. Contact email@example.com with the request to enable SCIM on our end and provide you with your SCIM API token.
3. Open the Slab app in your Okta Admin dashboard
4. Select the Provisions tab and click on Configure API Integration button:
(If you do not see the Provisioning section or if it's disabled, you might be on an older version of our Okta integration. See the Troubleshooting section below for more details)
5. Select the Enable API Integration checkbox, and enter the API token you received from Slab team in step 2.
6. Click on the Test API Credentials button to make sure that the API token works correctly for your Slab team, before finally hitting Save.
7. The page will refresh and you'll now find the Provisioning section with more settings.
8. In the To App settings, click the Edit button and enable:
- Create Users
- Update User Attributes
- Deactivate Users
9. Click Save to enable SCIM for your Slab team.
10. Unassign and reassign existing users on the Slab app. While this is optional, it is still recommended because existing users will not be updated/deactivated in Slab if you do the same in Okta. See the Troubleshooting section below for more details.
The SCIM integration uses Okta usernames to manage and sync users and thus does not support username changes. Changing usernames on Okta can break the behavior for that user. You can reach out to us for more information on how our Okta integration works.
Provisioning Tab Missing
If you don't see the "Provisioning" tab in the Slab integration in Okta, or if it's disabled or missing SCIM inputs; there's a good chance you're on an older version of the integration. Follow the instructions here to reinstall it.
Updating/Deactivating users in Okta is not reflected in Slab
Users assigned to the Slab app before SCIM is enabled will not have SCIM working for them. That means if you update or deactivate the user in Okta, they will not be updated or deactivated in Slab. This is a limitation on Okta's end.
If you had only a few users assigned to the app before enabling SCIM, the simplest workaround is to unassign and reassign them. If not, you can get in touch with Okta support and ask them to do it for you.
Having issues setting up the integration? Contact us for help.