Documentation
Agora Basics
Console 官网 Community Technical support
English
search-icon

Log in to Agora through Okta

Last updated 2022/09/20 07:43:49

If your team uses Okta as an Identity Provider (IdP), you can manage team members' access to Agora Console through System for Cross-domain Identity Management (SCIM), so that your team members can log in to Agora using their Okta accounts.

This page shows how to configure SCIM and what you can do with Agora Console accounts using Okta.

Supported features

When you make the following configuration on Okta, the configuration is automatically synchronized to Agora Console:

  • Creating new users
  • Deactivating or reactivating users
    • For Agora Console, deactivating a user means permanently deleting the user's account.
    • For Agora Console, reactivating a user requires resetting the password.
  • Importing users. Users created in Agora Console can be imported into Okta and either matched against existing Okta users or created as new Okta users.
    The user's first name and last name must be set in Agora Console, otherwise the user cannot be imported.
  • Importing groups
  • Pushing groups. Groups and their members in Okta can be pushed to Agora Console (as Agora Console teams and team members).
    Currently Agora Console doesn't support the Push Now function in pushing groups.
  • Removing groups.
    For Agora Console, you cannot remove the default groups or the groups with any group member.

Requirements

Before proceeding, ensure that you meet the following requirements:

  • You use Okta as the IdP for your app.
  • You have an Okta developer account that has administrative privileges.
  • You have an Agora account that has the role of Admin.

Configuration steps

  1. On the SSO management page in Agora Console, turn on the switch under SCIM API Basic Auth. A set of Username and Password is generated.
  2. Navigate to the Okta Console.
  3. Click the General tab under the Agora integration, and click Edit. In the Provisioning section, select SCIM and click Save.
  4. Click the Provisioning tab.
  5. Click Settings > Integration.
  6. Click Edit, and make the following changes:
    • In SCIM connector base URL , enter https://console-open.agoralab.co/open-api/v1/scim_v2.
    • In Unique identifier field for users, enter email.
    • Under Supported provisioning actions, select all the checkboxes.
    • In the Authentication Mode dropdown menu, select Basic Auth.
    • Under the Basic Auth section, paste the username and password from the SSO management page in Agora Console.
  7. Assign the Agora integration to your team members. For details, see Assign applications to users.
  8. Click the Sign On tab under the Agora integration and find the Credentials Details section.
  9. Select Email as Application username format.

To test your integration, ask a team member to follow these steps:

  1. Open your Identify Provider Single Sign-On URL in a browser.
  2. Enter the Okta username and password.
    If the username and password are correct, the team member is redirected to Agora Console.

Alternatively, if you have configured SCIM, ask a team member to follow these steps:

  1. Sign in to their Okta accounts.
  2. On the My Apps page, click the Agora integration. The team member is redirected to Agora Console.

Reference