This guide provides the steps required to configure Single Sign-On using OpenID Connect (OIDC) and Provisioning using System for Cross-domain Identity Management (SCIM 2.0) for Harriet Platform.

Please note:

• SCIM provisioning changes can only be synced from Okta to Harriet, not the other way round.
• Existing Harriet customers who wish to enable SCIM Provisioning in Okta should use this configuration guide.

Features

Harriet supports Single Sign-On (SSO) with Okta via OIDC

Harriet admins can independently enable SSO for your organization’s Harriet account and manage the integration moving forward as required.

• Service Provider (SP) Initiated SSO
  • Users will be able to initiate the login process via Okta account from the main Harriet Platform login page.

Configuration Steps

1. You need to install the Harriet app from the Okta App Catalog to your Okta account first.

On the application section on your Okta Dashboard, Click on Browse App Catalog, search for Harriet and click Add. 2. Adding the Harriet app will redirect you to the App general page.

Copy the app credentials by going to Sign on. You will see Client ID and Client secret. Copy them.

1. Log into your Harriet account and go to the All integrations page, look for Okta integration and click Connect.

Note: if the Connect button shows a 🔒 padlock icon, you will need to contact Harriet support and may need to upgrade your account.

4. Complete all required fields on the Connect Okta screen and click Save

5. Domain: add your’s organization domain (e.g. example.com).

6. Secret key: add your Harriet’s Okta app credential in JSON format as below. Note that the domain key is the domain of your Okta account, not your organization’s email domain.

{"client_id": "xxxxx", "secret": "yyyyy", "domain": "[dev-zzzz.okta.com](<http://dev-zzzz.okta.com/>)"}

1. You should now be able to sign in to Harriet via the Sign in with Okta from the main Harriet Platform login page.

If you need any help, feel free to reach out at [email protected]