The following provisioning features are supported within Qualified provisioning of SSO users:
Push New Users: New users created through OneLogin will also be created in Qualified.
When a user is provisioned, we'll move over their name, phone number, email, timezone, and their profile pic from OneLogin into Qualified automatically. Once this user is created initially, only email and role information can be updated from OneLogin.
Push User Deactivation: Deactivating the user or disabling the user's access to Qualified through OneLogin will deactivate the user in Qualified.
For this application, deactivating a user means removing access to login, but maintaining the user's Qualified information as an inactive user.
Reactivate Users: User accounts can be reactivated in Qualified via OneLogin.
The following provisioning features that are not supported:
Use the steps below to configure SSO provisioning within Qualified.
Login to your Qualified account as an admin and navigate to Settings > Single sign-on
Click on the “SCIM Enabled?” toggle to turn it on as shown below
Copy the “SCIM OAuth Bearer Token” that is given after this option is enabled
Navigate to Users -> Roles within your OneLogin Admin console and create 2 new roles called: “Qualified Admin” and “Qualified Rep”.
Navigate to the Qualified application within your OneLogin Admin console
Go to the Configuration tab and paste your SCIM Oauth Bearer Token in SCIM Bearer Token field in OneLogin.
Paste in the previously copied “SCIM OAuth Bearer Token” from the Qualified console into the “SCIM Bearer Token” field and click on the “Enable” button as shown below:
Next, navigate to the Access tab and enable the two new Roles you created for the application.
Go to the Rules tab and create a rule called “Qualified Admin” using the following settings shown below:
Next, navigate to the Provisioning tab and check the box next to “Enable provisioning” and set “When users are deleted in OneLogin, or the user's app access is removed, perform the below action” to “Suspend” as shown below:
Optional: Go to the Parameters tab and map the optional Timezone field to whichever custom field you have created to store your Users’ timezones.
Click the “Save” button in the top right corner.
The only attributes that we will update within Qualified when we receive a “Push Profile Update” is Email and Role.