Knak

This guide walks you through setting up user provisioning with Okta using OAuth 2.0 and Knak’s SCIM API. By the end, you’ll be able to automate user creation and updates from Okta to Knak.

📌 Click here for details on <a href="https://help.knak.io/en/articles/6288285-set-up-single-sign-on-sso-with-okta">Set Up Single Sign-On (SSO) with Okta</a>

___________________________________________________________

Step 1: Create a New OAuth Application in Knak

To activate SCIM-based provisioning, create an OAuth 2.0 app in Knak.

1. Go to <a href="https://enterprise.knak.io/account/oauth-applications" rel="nofollow noopener noreferrer" target="_blank">OAuth Applications Settings</a>.

2. Click Create new OAuth application.

3. Name the app User Provisioning.

&lt;https://system-admin.okta.com/admin/app/cpc/&gt;&lt;okta_instance&gt;_&lt;okta_app_name&gt;/oauth/callback

&lt;okta_instance&gt;: This is the name of your Okta organization. You can find it in your URL, for example: ​<code>https://&lt;okta_instance&gt;.okta.com/</code> ​(Example: If your URL is <code>https://mycompany.okta.com</code>, then your instance is <code>mycompany</code>.)

&lt;okta_app_name&gt;: This is the ID of the app you created for Single Sign-On (SSO) in Knak.

- You can find it in the URL when you open the app's settings in Okta: ​<code>https://&lt;okta_instance&gt;-admin.okta.com/admin/app/&lt;okta_instance&gt;_&lt;okta_app_name&gt;</code>

- &lt;okta_instance&gt;: This is the name of your Okta organization. You can find it in your URL, for example: ​<code>https://&lt;okta_instance&gt;.okta.com/</code> ​(Example: If your URL is <code>https://mycompany.okta.com</code>, then your instance is <code>mycompany</code>.)
- &lt;okta_app_name&gt;: This is the ID of the app you created for Single Sign-On (SSO) in Knak.
 - You can find it in the URL when you open the app's settings in Okta: ​<code>https://&lt;okta_instance&gt;-admin.okta.com/admin/app/&lt;okta_instance&gt;_&lt;okta_app_name&gt;</code>

Important: ✅ Save the Client ID and Client Secret. You'll need them in Okta.

1. Log into your Okta Admin Console.

2. Go to the Knak app you created for SSO.

3. Under General, check Enable SCIM provisioning.

4. A new tab called Provisioning appears. Click it.

6. Go to the Integration tab. Click Authenticate with [Knak App Name]. Complete the authorization steps.

7. Go to the To App tab. Enable Create Users.

8. You can now assign users in Okta and they will be provisioned into Knak. 

The invited users will be assigned to the collaborator role by default and have access to all brands. An admin from your team will need to go into Knak to set the proper roles and brand scoping.

If users were assigned before SCIM provisioning was set up, Okta will display a warning.

You can resolve this by importing users from Knak to Okta. This maps existing Knak users to Okta profiles and creates any missing ones.

Need more help? Contact support via live chat within Knak using the chat bubble in the bottom right corner or email <a href="mailto:support@knak.com" rel="nofollow noopener noreferrer" target="_blank">support@knak.com</a>

Enable automatic user creation and management in Knak using Okta's System for Cross-domain Identity Management (SCIM) integration.

User Provisioning Setup for Okta Guide

Find answers and get help from Intercom Support and Community Experts

This site employs cookies and other technologies that we and our third party vendors use to monitor and record personal information about you and your interactions with the site (including content viewed, cursor movements, screen recordings, and chat contents) for the purposes described in our Cookie Policy. By continuing to visit our site, you agree to our {websiteTermsLink}, {privacyPolicyLink} and {cookiePolicyLink}.

This site uses cookies and similar technologies ("cookies") as strictly necessary for site operation. We and our partners also would like to set additional cookies to enable site performance analytics, functionality, advertising and social media features. See our {cookiePolicyLink} for details. You can change your cookie preferences in our Cookie Settings.

We use cookies to make our site work and also for analytics and advertising purposes. You can enable or disable optional cookies as desired. See our {cookiePolicyLink} for more details.

Advertising cookies are set by our advertising partners to collect information about your use of the site, our communications, and other online services over time and with different browsers and devices. They use this information to show you ads online that they think will interest you and measure the ads' performance. Social media cookies are set by social media platforms to enable you to share content on those platforms, and are capable of tracking information about your activity across other online services for use as described in their privacy policies.

These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

These cookies are necessary for the website to function and cannot be switched off in our systems.

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site.

You have the right to opt out of the sale of your personal information. See our {cookiePolicyLink} for more details about how we use your data.

Your Privacy Choices

We use cookies to enhance your experience. You can customize your cookie preferences below. See our {cookiePolicyLink} for more details.

Cookie Settings

Link, Press control-option-right-arrow to exit

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Thinking...

Searching through sources...

Analyzing...

Tickets submitted through the messenger or by a support agent in your conversation will appear here.

Field	Value
SCIM Version	2.0
SCIM connector base URL	https://enterprise.knak.io/scim/v2
Unique ID for users	email
Supported provisioning actions	- Import new users, Push new users and profile updates
Authentication Mode	OAuth 2
Token endpoint	https://enterprise.knak.io/oauth/token
Authorization endpoint	https://enterprise.knak.io/oauth/authorize
Client ID	Copied from new OAuth app
Client Secret	Copied from new OAuth app

User Provisioning Setup for Okta Guide

Overview

Step 1: Create a New OAuth Application in Knak

Step 2: Connect the SCIM Service in Okta

Handling Previously Assigned Users