I tried linking Okta and Box to achieve provisioning.

Security business menu

Security business
HOME

To be elected
cause

Service

Handling Manufacturer

Examples/reports/
Blog/Glossary

Seminar/
video on demand

TOP

Products/Services

product
- Okta Workforce Identity Cloud
- Okta Customer Identity Cloud

Specifications/Technical Information

Specifications/Technical Information
- Workforce Identity Cloud Basic Setup Behavior Guide
- Customer Identity Cloud (Auth0) basic setup behavior guide

solution

solution
- Okta Solutions - Zero Trust with Okta

User stories

support

- Macnica Support

Seminar content

Document request

inquiry

Event/Seminar

video on demand

I tried linking Okta and Box to achieve provisioning.

Introduction

Box is a content cloud that allows users to share content from all areas, both inside and outside the company, and has been introduced by 110,000 companies worldwide, and approximately 16,000 companies in Japan alone. (Reference: https://www.boxsquare.jp/box)

This time, we linked Box and Okta and used Okta's provisioning functionality to automate Box ID and folder operations. We have summarized the necessity of provisioning and the actual flow of operations, so we hope that you will refer to this blog for questions such as ``What is provisioning?'' and ``What can you do with Okta?''

Provisioning from Okta to Box

What is provisioning

Provisioning is a function where Okta and SaaS collaborate via SCIM or API to automatically manage account lifecycles.

Need for provisioning

With the spread of cloud services, it has become necessary to create, change, and abolish accounts and set privileges depending on the user's status (joining, transferring, retiring) for each cloud service. By using Okta's provisioning feature, you can centrally manage the status of your SaaS ID by simply managing Okta user information and attributes.

Provisioning from Okta to Box (user creation)

By enabling Create Users in the provisioning settings on Okta,

Users added in Okta are automatically created in the connected Box tenant.

Create folder at the same time as user creation

By checking “Create personal Box folder when new user account is provisioned” in the provisioning settings on Okta, you can create a user folder in Box when provisioning from Okta to Box.

Owner of the Box Personal Folder: Set who will be the owner of the created folder.

Admin as Owner = A folder will be created in “All Files” of the administrator account.
User as Owner = A folder will be created in “All Files” of the provisioned account

Full path to parent folder: Set the path where the folder will be created

All Files = A folder will be created directly under “All Files”.
You can change the location where the folder is created by entering a path, for example "All Files/Parent Folder".

User folder permission-level: Set the access permission level for the created user's folder

Editor = Can read/write to folders
Co-Owner = Some advanced folder settings can be changed for folders from Editor.

Personal folder name format: Set the name of the created folder

Okta username prefix = The part of the Okta username before @ (default setting)
(Example: if user1@example.com, the folder name is user1)

Sync personal folder to desktop: When enabled, the created folder will be synchronized with the user's desktop (allowing easy access to Box folders from the desktop)

Provisioning from Okta to Box (User Profile Update)

User attribute values in Okta and Box can be linked using Okta's mapping feature.

When there is an update to the attribute value on the Okta side, the attribute value linked by this mapping function will be automatically reflected on the SaaS (Box) side.

Update User Attributes Enable

Check “Enable” for “Update User Attributes”

Select the attribute you want to map from the dropdown
(The diagram below links First name, Last name, and Mobile phone)

Add custom attributes for attributes that are not available on Okta side

Select the default Okta from Directory > Profile Editor on the Okta administrator screen and add attributes from “+ Add Attribute”. (The figure below creates job_title)

Link the added Okta attribute “job_title” to the attribute “job_title” on the Box side.

With the above settings, if the job_title attribute is changed on the Okta side, the attribute change can be reflected in Box.

Summary

This time, we used the content cloud "Box" that is used by many people as an example, and introduced the necessity of provisioning with Okta and the actual flow of operation.
By implementing Okta, you can manage identities more securely and easily.

This time we introduced the basic function of provisioning, but there is much more that can be achieved with Okta.
Next time, we'll be introducing some amazing features that will make you wonder, ``Is it even possible to do this?'' as part of ` `Super Convenient Ways to Use Box Using Okta Workflows'', so please take a look.
If you are interested or have any other inquiries regarding Okta, please contact us.

Inquiry/Document request

In charge of Macnica Okta Co., Ltd.

inquiry Document request

TEL：045-476-2010
E-mail：okta@macnica.co.jp

Mon-Fri 8:45-17:30