Okta: Set Up FileCloud Integration for SSO Group/User Import

To configure FileCloud/Okta integration in Okta for SSO group/user import:

1. Log in to the Okta admin portal, and navigate to Applications > Applications.
2. Click Create App Integration.
   

   

   
   A list of sign-in methods opens.
3. Choose API Services, and click Next.
   

   

4. Enter a name for the app integration and click Save.
   

   

5. Your new app opens to the General tab. Click Edit. 
   

   

6. For Client authentication, select Public key / Private key.
7. For Configuration, choose Save keys in Okta.
8. Click Add key.
   

   

   
   The Add a public key window opens.
9. Paste in your own key or click Generate new key.
10. If you click Generate new key, under Private key - Copy this! click PEM, and then click Copy to clipboard, and save the copied key to a text file with a .pem extension so you can upload it to FileCloud. 
    If you do not save as a .pem file, you will not be able to upload the private key to FileCloud.
    

    

11. Click Done.
12. Click Save, or your public key will not be saved.
    

    

    
    Once you click Save, your key should show a Status of Active and a Created date.
    

    

13. Remain on the General tab. Scroll down to General Settings, and click Edit.
    

    

14. Uncheck Proof of possession, and click Save.
    

    

    
    Click the Okta API Scopes tab.
    

    

15. Scroll down to okta.groups.read and click Grant to enable FileCloud to read Okta groups.
    

    

    
    
    You are prompted to grant okta.groups.read scope to the app.
16. Click Grant Access.
    

    

    
    Now the row for okta.groups.read should appear as:
    

    

    
    
17. Scroll down to okta.users.read and click Grant Access to enable FileCloud to read Okta users. 
    The Grant Okta API Scope notification does not appear again.
    

    

18. Click the Admin roles tab.
19. Click Edit assignments.
    

    

    
    
20. In Role, choose a role that should have access to Okta groups and users, or choose Read-only Administrator.
21. Click Save Changes.
    

    

    
    You have finished setting up integration on the Okta side. 
    Now you have the values you need to set up integration on the FileCloud side: the domain in the user drop-down box, the Client ID on the General tab, and the .pem keyfile that you saved.
    

    

    
    To enter the values into the FileCloud side, see SSO API: Configure Import of SSO Groups and Users.