Provisioning Qualified Users in Okta

Qualified’s Enterprise SSO helps your team access Qualified through a single entry point and gives IT complete control.

In this guide we'll walk you through how to provision your Okta SSO users right from within Qualified.

Getting Started

As a prerequisite you'll want to first make sure that you have configured SSO in Qualified and enabled with Okta.

The following provisioning features are supported within Qualified provisioning of SSO users:

  • Push New Users: New users created through Okta will also be created in the third party application.
When a user is provisioned, we'll move over their name, role, phone number, email, and timezone from Okta into Qualified automatically. Once this user is created initially, we will not push or update the information again outside of email and role information.
  • Push Profile Updates: Updates made to the user's profile through Okta will be pushed to Qualified (email and role).
  • Push User Deactivation: Deactivating the user or disabling the user's access to the application through Okta will deactivate the user in Qualified.
For this application, deactivating a user means removing access to login, but maintaining the user's Qualified information as an inactive user.
  • Reactivate Users: User accounts can be reactivated in the application via Okta.

The following provisioning features that are not supported:

  • Import Users
  • Import/Push Groups
  • Sync password
  • Profile sourcing

Configuration Instructions

Use the steps below to configure SSO provisioning within Qualified.

In Qualified

  1. To get started you’ll want to login to your Qualified account and navigate to Settings > Single Sign-On within Qualified.
  2. Click on the “SCIM Enabled?” toggle to turn it on
SCIM Enabled toggle shown within the Qualified application,

      3. Copy the “SCIM OAuth Bearer Token”

In Okta

  1. Navigate to the Qualified application within your Okta Admin console.
  2. Go to the “Provisioning” tab and then click on “Integration”
  3. Click the “Configure API integration” button
Configuring API Integration options within Okta
Clicking the "Configure API Integration" button within your Okta account.

      4. Paste in the previously copied “SCIM OAuth Bearer Token” from Qualified into the “API Token” field and make sure the checkbox next to “Enable API integration” is checked.

Enter in your token copied within Qualified in the earlier step.

      5. Click on “Test API Credentials" and then click “Save”

      6. Click on the “To App” link on the left-hand side within the “Provisioning” tab.

      7. Click the “Edit” button on the top right and then click the checkbox to enable “Create Users”, “Update User Attributes”, and “Deactivate Users”.

Provisioning to App options within Okta
Enable all options shown above for creating, updating, and deactivating users within Qualified.

Troubleshooting Tips

  • The only attributes that Qualified will update within Qualified when we receive a “Push Profile Update” is Email and Role.
  • If you have any questions or difficulties, please reach out to Qualified Technical Support at help@qualified.com

Request a live demo

See Qualified in action on your website. Request a live demo and one of our reps will contact you immediately, or talk to us right now.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Free custom demo
Live on your site