Okta provides two ways to configure SCIM. Both are functionally identical, but have different networking properties:

Provisioning with Kantega SSO Okta SCIM 2.0
Requires an inbound network connection from Okta to the Atlassian application. If the Atlassian app is behind a corporate firewall, a proxy/gateway is required.
Okta Provisioning Agent (SCIM v1)
The provisioning agent is installed in the local network and maintains a secure tunnel with Okta. This allows SCIM provisioning without a proxy/gateway, even when the Atlassian application is inaccessible to the Internet. The provisioning agent uses the older SCIM v1 protocol, though this has no known functional drawbacks at the moment.

To begin the SCIM configuration, select Setup cloud user provisioning, then select either Okta or Okta Provisioning Agent (based on networking preference) under the SCIM header from the Add directory dropdown.

Introduction and network preparation

Tenant configuration

Configure SCIM in Okta

Provisioning with Kantega SSO Okta SCIM 2.0

Requires an inbound network connection from Okta to the Atlassian application. If the Atlassian app is behind a corporate firewall, a proxy/gateway is required.

Configure Provisioning with Kantega SSO Okta SCIM 2.0

Okta Provisioning Agent (SCIM v1)

The provisioning agent is installed in the local network and maintains a secure tunnel with Okta. This allows SCIM provisioning without a proxy/gateway, even when the Atlassian application is inaccessible to the Internet. The provisioning agent uses the older SCIM v1 protocol, though this has no known functional drawbacks at the moment.

Configure Okta Provisioning Agent (SCIM v1)

Kantega SSO Enterprise

Okta (SCIM)

Introduction and network preparation

Tenant configuration

Configure SCIM in Okta

Provisioning with Kantega SSO Okta SCIM 2.0

Okta Provisioning Agent (SCIM v1)