User Provisioning with Okta
If you are looking for SSO setup with Okta, see SSO Setup
Please note: This integration is available for PLUS customers only
Okta & Forecast
Forecasts integration with Okta allows you to use Okta for user provisioning service when accessing Forecast. This means that your Forecast account will have an extra layer of security. In order to make use of the integration please make sure that your email in Forecast is the same as the one in Okta.
The following provisioning features are supported:
- Push New Users - New users created through OKTA will also be created in Forecast
- Push Profile Updates - Updates made to the user's profile through OKTA will be pushed to Forecast
- Push User Deactivation/reactivation - Deactivating the user or disabling the user's access to the application through OKTA will deactivate the user in Forecast
- Import New Users - New users created in Forecast will be downloaded and turned in to new AppUser objects, for matching against existing OKTA users
Setting up Provisioning
Step 1: Go to Your Org section of Okta
Step 2: Click Add Apps
Step 3: Find Forecast in the application catalogue, and click Add Apps
Step 4: Select Do not display application icon to users and Do not display application icon in the Okta Mobile App. Also uncheck the "Automatically log in when user lands on login page"
Step 5: In the Sign-On Options screen, set the Application username format to Email
To add the provisioning feature of the Forecast application, navigate to the Applications section in Okta and click the Add Application button.
Configure your Provisioning settings for Forecast
Step 1: Find your SCIM username and password in Forecast here: https://app.forecast.it/settings/catalog/okta
Step 2: Go to the Forecast application inside Okta and select the Provisioning tab
Step 3: Click the Configure API Integration
Step 4: Scroll down and select the Provisioning Features you want to enable
Step 5: Click the "Enable API integration" and fill in the Username and Password received from Step 1.
Step 6: Click the "Test API Credentials" and you should see a confirmation like this:
Troubleshooting and Tips
If you find any problems, don't hesitate to contact us at firstname.lastname@example.org or on the chat.