SCIM API

• Push New Users → New users created through your identity provider will also be created in Dovetail.

• Push Profile Updates → Updates made to the user’s profile through your identity provider will be pushed to Dovetail.

• Push New Groups → New user groups created through your identity provider will also be created in Dovetail.

• Push User Deactivation → Deactivating the user or deleting the user will deactivate the user in Dovetail.

• Reactivate Users → Reactivated users are also reactivated in Dovetail.

User attributes

All attributes are in the "urn:ietf:params:scim:schemas:core:2.0:User" namespace

User methods

• GET /Users

  • Returns a paginated list of users.

  • You can paginate using the startIndex and count parameters.

  • You can filter results with the filter parameter. Valid attributes to filter are displayName and userName using eq and and.

• POST /Users

  • Create a new user in your workspace.

  • Required attributes are userName and active.

Group attributes

Group methods

• GET /Groups

  • Returns a paginated list of user groups.

  • You can paginate using the startIndex and count parameters.

  • You can filter results with the filter parameter. Valid attributes to filter are displayName using eq.

• POST /Groups

  • Create a new user group in your workspace.

  • Required attributes are displayName.

• PATCH /Groups/<id>

  • Update an existing user group.

  • We only support adding members to a group via the Dovetail user ID.

Configure SCIM provisioning in Okta

1. Open the Dovetail app you’ve set up in Okta and navigate to Provisioning.

2. Under Integration, click Configure API integration, check Enable API integration, and click Authenticate with Dovetail.

3. From within the pop-up window, select your Dovetail workspace and click Allow. Once you are directed back to Okta, click Save.

4. Under To app, click Edit and enable your preferred features: Create users, Update user attributes, or Deactivate users. Click Save.

5. Navigate to the Sign On tab, and ensure that the Application username format is set to Email.

Provision users from Okta

To provision users in Dovetail from Okta, complete these steps:

1. Navigate to the Assignments tab.

2. Click Assign, then Assign to People, or Assign to Groups.

3. Select a user or a group, and assign a Dovetail role and Dovetail workspace admin from the relevant fields. Click Save.

Your users in Okta have now been provisioned in your Dovetail workspace. If a user is deactivated in Okta, their Dovetail account will also be deactivated and they will lose access to your workspace.

Create and link user groups from Okta

Note: If you do not already have a group in Okta that you’d like to link or push to a user group in Dovetail, navigate to Directory > Groups > Add Group.

To link a user group in Dovetail with a group in Okta, complete these steps:

1. Navigate to the Push Groups tab.

2. Click Push Group and enter the name of the group.

3. Click Push Groups, and find your group by name, or by rule.

4. If you have an existing user group in Dovetail you would like to link this group to, select Link Group and enter the name of the user group in Dovetail. If you would like to create a new user group, select Create Group, and click Save.

Your group in Okta and your user group in Dovetail are now linked. Any users you add to the group in Okta who are also assigned to your Dovetail application will be added to the group in Dovetail.