Orchestrate revenue agents with the new Workflows

Set up SCIM with Okta

Automate member provisioning with Okta.

Table of Contents

Available on enterprise plan.

Only admins can configure SCIM.

This guide walks you through connecting Attio to Okta so you can provision and manage Attio workspace members directly from Okta.

Prerequisites

Before you begin, ensure the following:

Supported features

The following SCIM provisioning actions are supported by Attio:

  • Create users

  • Update user attributes

  • Deactivate users

  • Import users

  • Import groups

  • Push groups

Connect Attio to Okta

Using the Attio app in the Okta Integration Network (OIN), you can connect directly from the Okta App Catalog.

  1. In your Okta Admin Console, go to Applications > Applications.

  2. Click Browse App Catalog and search for "Attio".

  3. Select the Attio app and click Add Integration.

  4. Click the Provisioning tab and click Configure API Integration.

  5. Click Authenticate with Attio. You will be redirected to log in to Attio.

  6. Select the workspace you want to connect and confirm.

Okta is now connected to Attio. Any users you assign to this app in Okta will be provisioned as workspace members in Attio. Before provisioning users, you may want to configure automatic seat assignment. To learn more about how SCIM handles provisioning, roles, and teams, see Provision users and teams with SCIM.

Configure provisioning to app

  • In your Okta app, click the Provisioning tab.

  • Click To App under Settings.

  • Click Edit in the top right.

  • Enable the following:

    • Create Users: Creates or links a user in Attio when assigning the app to a user in Okta

    • Update User Attributes: Syncs future profile changes from Okta to Attio automatically

    • Deactivate Users: Suspends a user's Attio membership when they are unassigned in Okta or their Okta account is deactivated

  • Click Save.

Assign a group

Assigning a group provisions all its members to Attio with the same role. A common approach is to create two groups, for example "Attio - Admins" and "Attio - Members", and assign each group with the corresponding role. Then manage access by adding users to the appropriate group.

  1. In your Okta app, click the Assignments tab.

  2. Click Assign, then select Assign to Group.

  3. Find the group you want to provision and click Assign.

  4. Update the Attio Role value if needed, selecting Admin or Member.

  5. Click Save and Go Back.

  6. Repeat for any additional groups, then click Done.

When a group is assigned, Attio checks whether each user already exists in the workspace. Existing users are linked rather than duplicated. New users are provisioned as workspace members.

Push groups

SCIM groups map to Attio teams. To create or link a team in Attio, use the Push Groups tab in your Okta app. Assigning a group from the Assignments tab only adds its members to the app; it does not create a team in Attio.

Note: For more on managing groups in Okta, see Manage groups in Okta's documentation.

Push a group to create a new team

  1. In your Okta app, click the Push Groups tab.

  2. Click Push Groups, then select Find groups by name.

  3. Search for and select the group you want to push.

  4. Click Save.

When a group is pushed, Attio creates a new team. Any members of that Okta group who are already in your Attio workspace are added to the team automatically.

Link a group to an existing team

If you want to link an Okta group to a team that already exists in Attio, first make sure the team exists in Attio. If it doesn't, create it before continuing.

  1. In your Okta app, click the Push Groups tab.

  2. Click Refresh App Groups to make sure Okta has the latest list of Attio teams.

  3. Click Push Groups, then select Find groups by name.

  4. Search for and select the group.

  5. Under Match result & push action, click Link Group. Okta will automatically find and select the matching Attio team. The group name in Okta needs to match exactly the team name in Attio (case-sensitive).

  6. Click Save.

To manage your groups in Okta, go to Directory > Groups in the Okta Admin Console.

When you unlink a group from the Push Groups tab, Okta will prompt you to choose whether to delete the corresponding team in Attio or keep it.

Note: Okta does not support removing a user from a group via SCIM. To remove a user from a team in Attio, do so directly in Attio.