Prerequisites
- A UserVoice plan that includes SAML Single Sign-On & SCIM
- UserVoice Admin with Owner Level Permission
- Okta access to provision apps
- SAML SSO configured with UserVoice and Okta as a SAML or custom App -- do not use the UserVoice App as it is not compatible with SCIM yet.
Note: You must use SAML and add SCIM provisioning. You can't configure SCIM by independently.
Enable in UserVoice
Note: Admins with owner-level permissions are the only admins able to enable and obtain the token.
To enable SCIM and fetch the required token:
- Navigate to the Admin Console → Click the settings cog in the lower-left nav → General Settings → User Authentication → Scroll down and toggle SCIM Provisioning on.
- Once enabled, click "Create Token" to obtain the API Token for configuring in your IdP. Copy or put this somewhere safe for use later.
Now you can start configuring SCIM in Okta.
Okta Configuration
Step 1: Enable SCIM Provisioning
- Sign into your Okta identity platform and using the left-side navigation, navigate to Applications → Applications.
- Find and click your UserVoice SAML Application.
- On the General tab → App Settings, click Edit and under Provisioning, enable SCIM.
Step 2: Configure Provisioning
Set the following values:
- SCIM connector base URL →
https://{your uservoice url}/api/scim_v2
- Unique identifier field for users → userName
- Supported provisioning actions:
- ✅ Import New Users and Profile Updates
- ✅ Push New Users
- ✅ Push Profile Updates
- Authentication Mode → HTTP Header
- Authorization → Bearer {the token you copied from UserVoice}
- Click Test Connector Configuration. If successful, you will see the following message: Connector configured successfully.
- Click Save and then click To App (on the left) → Edit (on the right) → and enable:
- Create Users (The default username used to create accounts should be Email)
- Update User Attributes
- Deactivate Users
- Click Save.
Step 3: Attribute Mappings
From the page you were on, scroll down and click Go to Profile Editor. Here you will need to add licenceType. Click Add Attribute and enter the following values:
- Data type → string
- Display name → licenseType
- Variable name → licenseType
- External name → this will automatically populate with licenseType
- External namespace →
urn:ietf:params:scim:schemas:extension:uservoice:permission:2.0
- Description → Optional description, e.g. For provisioning UserVoice users
- Enum Display Name followed by Value. See the table here for what each value means:
- Full Access Owner → fullaccess_owner
- Admin → admin
- Admin No Settings → admin_no_settings
- Read Only Admin → readonly_admin
- Admin Ideas Only → admin_ideas_only
- Admin Feedback Only → admin_feedback_only
- Contributor → contributor
- Revoke Access → none
- Attribute type → Personal
That completes the configuration. You can now assign users the way you typically do or by following Okta's Assign applications to users guide.
Logs
If you encounter issues, Okta has logs that you can find in the Application screen and UserVoice has logs that you can find by navigating to Settings → Integrations → Integration Logs (at the very bottom of the page).