Provisioning is available if you’re already using the latest version of the CodeSignal app on Okta. You can create, update, and deactivate accounts. Syncing groups is not currently supported.
Before you can provision external users into your account you should have single sign-on (SSO) through Okta already configured for your CodeSignal account. Also, make sure that you have the user provisioning functionality for your Okta account. See Lifecycle Management for more details.
Step 1: Request your SCIM Bearer Token
Send a request to firstname.lastname@example.org to enable SCIM provisioning for your account. CodeSignal will provide you an SCIM Bearer Token to be entered in Okta.
Step 2: Enable SCIM API integration in Okta
- Log in to Okta and go to the CodeSignal application in your admin dashboard.
- Click on the Provisioning tab and then click the Configure API Integration button.
- Check the Enable API integration checkbox and enter the Bearer Token received from Step 1 in the API Token field.
- Click Test API Credentials and then click Save after making sure that the test was successful.
- Click To App in the left sidebar.
- Click Edit and choose the operations that you would like to enable.
- Click Save.
Step 3: Check the email address format in Okta
CodeSignal uses the email address of a user for identification. That means that the email address attribute for a user should match between SAML SSO and the SCIM user provisioning in the Okta app. Click the Sign on tab. From the Credentials details section, look for the Application username format setting. Make sure that it is set to a value that indicates the primary email of the user. Setting it to Okta username is still correct if your Okta username is set to be the primary email.
Step 4: Import and assign users
Go to the Import tab and click Import now. It will fetch existing users from CodeSignal and allow you to automatically add or assign them to existing users in Okta. After that you can make any assignments in the Assignments tab. Note that users added to CodeSignal will need to accept an invitation email before they can start using the platform. This is done to protect user privacy and ensure that users are not unintentionally added to a company to give them a chance to confirm before applying company authentication restrictions to their account.
Note that all new users added to CodeSignal will be added with the Interviewer role. Can you adjust their role from your CodeSignal dashboard once they accept the invitation.