and more in a single search tool across platforms. Read the announcement here. |
05/06/2024 07:38 PM
Hi All,
Requirement - Map an entitlement from a one endpoint (Okta) when an account is created in target application to enable SSO.
Situation - I've onboarded an application that exposes a SCIM endpoint but does not expose any entitlements. I arbitrarily mapped a specific account attribute (user type) as an entitlement, thinking I could then use this with entitlement mapping to map across to the Okta application to enable SSO to the application post account creation.
Issue - Create Account JSON does not do any entitlement mapping for accounts (from my understanding) and the entitlements will only map to the account using the import account and import access scheduled jobs, which will be scheduled.
Is there a way to map entitlements across endpoints as part of the create account process?
Solved! Go to Solution.
05/06/2024 08:10 PM
No you can't map entitlements as part of create account json
05/06/2024 08:29 PM
Hi @rushikeshvartak,
As I said, i know this can't be done as part of the create account json.
I'm just wondering if there is a way to achieve this as part of the overall create account process. We have a large number of apps where we would need to create an account in the target application and also provide access to the application via our IDP (different endpoint entitlement) at the same time.
05/06/2024 10:37 PM
Hi @Ben, if you want to assign a group at the time of account creation ftom a particular endpoint for SSO.. you can use entitlement with new account functionality.
05/08/2024 04:11 PM
Thanks, @NM. This is exactly what I was looking for!
05/08/2024 08:14 PM
There is known issue that if request gets rejected entitlement will be still assigned
05/08/2024 08:21 PM
@rushikeshvartak , is it in newer or older verison .. haven't encountered it
05/08/2024 08:27 PM
I have seen in older versions
05/07/2024 07:49 PM
Use Enterprise roles