The group sync feature is designed to provide faster and more efficient management of groups within Zight, which will also be compatible with future management and security features. This feature utilizes SCIM's "push groups" capability.
Pre-requisites
-Ensure that SAML and SCIM are configured on both Okta's and Zight's ends.
-Be sure users are indeed part of the group in Okta you will sync/push.
Setting Up Group Sync Using Okta (Zight Admin)
Step-by-Step Setup:
-
Enable Group Sync:
-
Go to the Zight Admin Dashboard.
-
Navigate to SCIM settings under the Authentication tab.
-
Check the box next to Enable Group Sync.
-
Confirm any pop-up prompts that warn about overwriting existing group settings.
Note: Groups coming from Okta cannot be edited on Zight's end.
-
-
Enable Push Groups:
-
In Okta, go to the Zight SAML app.
-
Navigate to the Provisioning tab and click Integration.
-
Enable Push Groups
- Hit Test Connector
- Save
-
-
Assign groups to the Zight Okta app and Push them:
-
Assign groups within the Directory in Okta and push them to Zight to complete the setup.
Note: Syncing groups with Zight may overwrite existing groups in Zight. Be sure to confirm before proceeding.
-
Reconciliation Process
If a group already exists in Zight and matches a group in Okta, you can map it. This process will delete the Zight group and replace it with the Okta group.
Note: Ensure that users are part of the Okta group before proceeding, else they wont be grouped
FAQ
-
What happens if I disconnect the group sync feature?
If you disconnect the group sync feature, the existing groups will remain intact. You will be able to manually edit groups for users that were previously locked or greyed out. -
Can this feature bulk import users from okta?
No, the group sync feature only synchronizes groups that users belong to in Zight, pulling this information from Okta. It does not import users. -
Can I roll back the groups in Zight after syncing?
No, rolling back groups after syncing is not supported. However, you can disable the sync option in Zight, and the groups will remain. -
If I add a group while creating a user and then assign the user to the Zight OKTA app, will the group be pushed?
Yes, provided the group is included in the Push Groups tab during setup.
Important Note
Group synchronization is a one-way sync from Okta to Zight. Deleting or modifying groups in Okta will reflect in Zight.
Related to
Comments
0 comments
Article is closed for comments.