Provision Token for Identity Provider

Cisco Secure Access uses the System for Cross-domain Identity Management (SCIM) protocol to exchange user and group information with various identity providers (IdPs): Azure, Okta, and other IdPs. You can provision your organization's users and groups into Secure Access through integrations with IdPs. In Secure Access, generate a Secure Access SCIM token and get the Secure Access Identity URL. Then, from the IdP add your token and API Identity URL to establish the integration.

Table of Contents

• Prerequisites
• Procedure
• Configure Identity Providers

Prerequisites

• Full Admin user role. For more information, see Manage Accounts.

Procedure

Generate an SCIM token for an IdP and save the token to your local system. Copy and save the Secure Access Identity API URL. Use the Secure Access SCIM token and URL to configure the integration with an IdP.

1. Navigate to Connect > Users and Groups > Users and click Provision Users or Connect > Users and Groups > Groups and click Provision Groups.
2. For Provisioning Method, click Identity Provider.

3. Choose an identity provider and then click Next.

4. Click Generate Token to create a provisioning API access token for your integration with the IdP.

5. Click Copy token to copy the generated token. Save the token to your local system.

6. Click Copy URL to copy the Secure Access Identity API URL. Save the URL to your local system.

7. Click Done.

Configure Identity Providers

With your Secure Access SCIM token and Identity API URL, configure a supported IdP to provision users and groups in Secure Access.

• Provision Users and Groups from Okta
• Provision Users and Groups from Azure

Import Users and Groups from CSV File < Provision Token for Identity Provider > Provision Users and Groups from Okta