Qualified’s enterprise SSO helps your team access Qualified through a single entry point and gives IT complete control to add, edit, activate, and deactivate users.
In this article, we'll walk you through how to provision Qualified users from within your OneLogin application.
Getting Started
As a prerequisite, ensure that you have configured SSO in Qualified and enabled with OneLogin.
The following provisioning features are supported within Qualified provisioning of SSO users:
- Push New Users: New users created through OneLogin will also be created in Qualified.
When a user is provisioned, we'll move over their name, phone number, email, timezone, and their profile pic from OneLogin into Qualified automatically. Once this user is created initially, only email and role information can be updated from OneLogin.
- Push User Deactivation: Deactivating the user or disabling the user's access to Qualified through OneLogin will deactivate the user in Qualified.
For this application, deactivating a user means removing access to log in, but maintaining the user's Qualified information as an inactive user.
- Reactivate Users: User accounts can be reactivated in Qualified via OneLogin.
The following provisioning features are not supported:
- Import Users
- Import/Push Groups
- Sync password
- Profile sourcing
Configuration Instructions
Use the steps below to configure SSO provisioning within Qualified.
In Qualified:
- Log in to your Qualified account as an admin and navigate to Settings > Single sign-on.
- Click on the “SCIM Enabled?” toggle to turn it on as shown below.
- Copy the “SCIM OAuth Bearer Token” that is given after this option is enabled.
In OneLogin
- First, Navigate to Users -> Roles within your OneLogin Admin console and create 2 new roles called: “Qualified Admin” and “Qualified Rep.”
- Navigate to the Qualified application within your OneLogin Admin console.
- Go to the Configuration tab and paste your SCIM Oauth Bearer Token in SCIM Bearer Token field in OneLogin.
- Paste in the previously copied “SCIM OAuth Bearer Token” from Qualified into the “SCIM Bearer Token” field and click on the “Enable” button as shown below:
Then, navigate to the Provisioning tab and check the box next to “Enable provisioning” and set “When users are deleted in OneLogin, or the user's app access is removed, perform the below action” to “Suspend” as shown below:
Optional: Go to the Parameters tab and map the optional Timezone field to whichever custom field you have created to store your Users’ timezones.
To finish, click the “Save” button in the top right corner. And that's it - you've provisioned Qualified users in OneLogin!