Skip to main content

Okta SCIM Org Roles

Update Okta User Org Role

For every user, Statsig surfaces a SCIM field named statsigOrgRole. Through this field, you can manage organization user roles. Currently, Okta can only push role updates to Statsig.

Step 1. Create the Custom Attribute in Okta

Navigate to Directory > Profile Editor and select the User (default) Okta profile. This represents all of the Okta users' attributes. Scroll down and press Add Attribute and fill out the new attribute to have the variable name statsigOrgRole.

img

Step 2. Create the Custom Attribute in the Statsig SCIM Integration

Now Navigate to the Statsig SCIM Integration's User Profile in the Profile Editor. Add an new attribute that matches the following format:

  • Variable name: statsigOrgRole
  • External namespace: urn:ietf:params:scim:schemas:core:2.0:User

img

Step 3. Create a Mapping from Statsig to Okta for the Custom Attribute

On the same Statsig SCIM profile editor, navigate to the Mappings button. Scroll down to the new attribute statsigOrgRole and map user.statsigOrgRole to the Okta attribute statsigOrgRole.

img

Step 4. Create a mapping from Okta to Statsig for the Custom Attribute

Now navigate to the Okta User to Statsig SCIM user mapping. img

Scroll down to the statsigOrgRole attribute and map user.statsigOrgRole to the Okta attribute statsigOrgRole.

img

Now all users will be synced with their organization role. On the Statsig SCIM integration you can modify a user's role directly as well.

Step 5. Modify Integration Mappings

Navigate to the Statsig SCIM integration provisioning section. Under the "To App" tab, scroll down to the statsigOrgRole attribute.

img Set the attribute value to Map from Okta Profile and statsigOrgRole. Set apply on Create and update.

img

Navigate to the "To Okta" tab and scroll down to the statsigOrgRole attribute. img

Set the attribute value to Map from Statsig Profile and statsigOrgRole. Set apply on Create.

img