Can I turn over provisioning of new Domo users to my internal IT team to handle it all using Okta?
Hi all- I found these reference links:
(appears that provisioning is *NOT* supported)
(appears that provisioning *IS* supported)
And this forum thread:
But it doesn't seem 100% clear to me on whether new Domo user provisioning can be handled totally by Okta without manual steps in Domo for each new user added (outside of the initial "provisioning" configuration required between Okta and Domo, of course).
Is anyone here able to confirm if you were able to configure all new Domo user provisioning via Okta, without a need to add each user manually in the Domo app itself?
In other words, can I turn over provisioning of new Domo users to my internal IT team to handle it all using Okta?
Thanks for any feedback!
Best Answer
-
@BryantCafferty I believe you can have Domo inherit directory groups from Okta that you can use to manage access without a manual touch. Here are the directions from Domo's Admin panel.
1
Answers
-
@BryantCafferty I believe you can have Domo inherit directory groups from Okta that you can use to manage access without a manual touch. Here are the directions from Domo's Admin panel.
1 -
Thanks @MichelleH! This is helpful. I'll follow up here if I'm able to make progress with our Okta team.
0 -
Hi @BryantCafferty just curious if you were able to seamless integrate Domo with Okta? Thank you in advance
0 -
Hi @TiagoV - apologies to you and to the community for my lack of follow-up on this one! It took a while to get a final answer and I lost sight of my comment here.
So it turned out the org had previously configured an integration with Okta that was passing user attributes that we were leveraging to define Dynamic Groups in Domo. The reason we weren't seeing users get automatically created was a checkbox. Under the SAML (SSO) settings under Authentication in the Admin panel, we had to uncheck the box in "Advanced settings" for "Only invited people can access Domo."
For deprovisioning, we went with using Tray to receive an Okta deprovisioning webhook signal to then send an API call to Domo to change the user to a "Social" role, which basically shuts off user access but preserves anything tied to their user in Domo. (Users can be removed later if needed manually in Domo once all migrations are complete.)
Hope that helps!2 -
Hi @BryantCafferty it definitely helps! Appreciate it !
0
Categories
- All Categories
- 1.8K Product Ideas
- 1.8K Ideas Exchange
- 1.6K Connect
- 1.2K Connectors
- 300 Workbench
- 6 Cloud Amplifier
- 9 Federated
- 2.9K Transform
- 102 SQL DataFlows
- 626 Datasets
- 2.2K Magic ETL
- 3.9K Visualize
- 2.5K Charting
- 753 Beast Mode
- 61 App Studio
- 41 Variables
- 692 Automate
- 177 Apps
- 456 APIs & Domo Developer
- 49 Workflows
- 10 DomoAI
- 38 Predict
- 16 Jupyter Workspaces
- 22 R & Python Tiles
- 398 Distribute
- 115 Domo Everywhere
- 276 Scheduled Reports
- 7 Software Integrations
- 130 Manage
- 127 Governance & Security
- 8 Domo Community Gallery
- 38 Product Releases
- 11 Domo University
- 5.4K Community Forums
- 40 Getting Started
- 30 Community Member Introductions
- 110 Community Announcements
- 4.8K Archive