SCIM (System for Cross-Domain Identity Management) is an open standard protocol for the automation of user provisioning.
Automatic provisioning refers to creating users and user groups in Harness. In addition to creating these, automatic provisioning includes the maintenance and removal of users and user groups as and when required.
We usually see issues related to SCIM provisioning with OKTA and below are Steps you need to validate for the same.
For failure in the Integration Step in OKTA :
Validate the SCIM Connector Base Url , sometimes we mistake it with the SAMl url.
URL: https://app.harness.io/gateway/ng/api/scim/account/<account_id>
Also when you create the personal access token. Make sure it has the required the role bindings(admin).
For provisioning the User groups when you add a new group :
You will see the group provisioning status and logs.
Check the logs here :
Logs would look like :
Any errors and failure would be shown here while the group provisioning.
We can also force push a group :
OKTA SCIM SSO Integration Documentation :