Configure Okta Provisioning for Quick Base

New identity management integration capabilities in Quick Base are available in early access. Using the standard System for Cross-domain Identity Management(SCIM) specification, you can sync Quick Base with Okta.

Note: to participate in early access, open a support case.

Features supported

Prerequisites

How to configure

Restrictions

Troubleshooting

Features supported

The following provisioning features are supported:

Prerequisites

Before you configure provisioning for Quick Base, make sure you have:

How to configure

Signing in to Okta

  1. Sign in to Okta with an account that has admin privileges.

  1. Click Admin.
  2. Click Classic UI.

Configuring API Integration

  1. Select Applications from the top navigation bar in Okta, then click Add Application.

  2. Search for "Quick Base" and click Add.

  3. On the General Settings screen, enter an Application label, enter your realm name as the Subdomain, then click Next.

  4. Select your sign-on method and click Done on the Sign-On Options page.

  5. If you want to use SAML for sign-ons, select SAML 2.0, and leave Default Relay State blank.
    Note: Click View Setup Instructions and save the information. You will need to provide this information to Quick Base Customer Care to set up your realm.

    Click Done.

  1. Select Provisioning then click API Integration in the left navigation bar.

  2. Select the Enable API Integration checkbox.

  3. Enter the Realm Admin user token as the API Token.


  4. Click Test API Credentials to test the connection.

  5. Click Save.

Enabling Okta to SCIM provisioning

  1. Click To App in the left-hand navigation bar of the Provisioning tab.

  2. Click Edit.

  3. Select the check boxes to enable Create Users, Update User Attributes, and Deactivate Users.

  4. Keep the default User Attribute Mapping. Currently we require the following attributes:

    But we will be using the other attributes in the future roadmap. In order to avoid migration, we prefer to store all the attributes now.

  5. Click Save.

Provisioning users

  1. Select Users, then select People.

  2. Click Add Person.


  3. Provide First name, Last name, Username, and Primary email.

  4. In the Password dropdown, select "Set by admin".
  5. Enter a random password (remember the password as you need to give it to the user).
  6. Select the "User must change password on first login" checkbox.
  7. Click Save or Save and Add Another.

Adding users to your application

  1. On the Assignments tab, click Assign and select Assign to People.

     

  2. Click Assign next to the people you want add to your application.

  3. You can update the User Name on the Assign App to People page.

  4. Click Save and Go Back to add more people.

  5. Finish adding people.

  6. Click Done.

Restrictions

The maximum length for user first name, last name, email, and username is 255 characters.

Spaces are not allowed in username and email values.

Troubleshooting

ERROR Solution
Message: "Provisioning failed: Multiple users in the realm match the given user's email address." Add the SCIM external IdM username to the correct user in the realm and re-provision the user.” This message appears when your realm has multiple users that share the same email address. Go to the Quick Base Manage All Users page in the Admin Console, find the user, and provide the username that matches the username stored in your IdM system for that user. After the user is saved, re-provision the user in the IdM.
Provisioning failed: Multiple users in Quick Base match the given user's email address, but none exist in the realm. Add the correct user to the realm and re-provision the user. This message appears when there are no users currently in your realm that have this email address, but multiple users exist in Quick Base that share the same email address. The user must be added to your realm for provisioning to succeed.
The updated user attribute (First name, Last name, email) is not reflected on the Quick Base Manage All Users page Make sure the user is a user whose email domain belongs to the company, or replace the API token used to configure the account with a realm admin who is an in-company user.

 

Go back      |       |   

© 1999-2018  QuickBase, Inc.  All rights reserved.  Legal Notices.