Add an Identity Provider

Cisco Secure Access supports provisioning users and groups through integrations with identity providers (IdPs). Secure Access uses the System for Cross-domain Identity Management (SCIM) protocol to exchange user and group information with Azure, Okta, and other IdPs. In Secure Access, generate a Secure Access SCIM token and get the Secure Access identity provisioning URL. Then, from the IdP, add your token and Secure Access identity provisioning URL to establish the integration between Secure Access and the IdP.

Table of Contents

• Prerequisites
• Procedure

Prerequisites

• Full Admin user role. For more information, see Manage Accounts.

Procedure

Add an IdP integration in Secure Access and configure the provisioning of users and groups on the IdP.

Generate an SCIM token for the IdP integration, and save the token to your local system. Copy and save the Secure Access Identity API URL. Use the Secure Access SCIM token and URL to configure the integration with an IdP.

1. Navigate to Connect > Users and User Groups.
2. Click Configuration Management, and then click +Add, or
   a. Click the Users tab, and then click Provision Users, or
   b. Click the Groups tab, and then click Provision Groups.
3. For Provisioning Method, click Identity provider (IdP).

4. For Choose Identity Provider, select an IdP or Other, and then click Next.

5. For Provisioning Token, click Generate Token to create the SCIM token for the integration with the IdP and Secure Access.

   

6. Click Copy token, and then save the SCIM token to your local system.

   
   

7. For Provisioning URL, click Copy URL to get the Secure Access identity provisioning URL.
   Save the URL to your local system.

   

8. For Configure your IdP portal, set up an IdP for the organization. For more information, see Configure Identity Providers.

9. Click Done.

---

Manage Provisioning < Add an Identity Provider > Provision Users and Groups from Okta