This guide walks you through the process of configuring SCIM services to Gamesight through Okta.
SAML single sign-on is available on Gamesight as an add-on service. Please contact us to enable SAML single sign-on and SCIM for your organization.
You can control access to your Gamesight organization, teams, games and services from one central interface by enabling your Gamesight organization to use SAML SSO and SCIM with Okta, an Identity Provider (IdP).
SAML SSO controls and secures access to organization resources like game integration, billing and team management. SCIM automatically adds, manages, and removes members access to your Gamesight organization when you make changes in Okta. For more information, see “SAML Integration” and “About Scim”.
Once SCIM is enabled, the following provisioning features are available for any users that you assign to your Gamesight application in Okta.
Push New Users
When you create a new user in Okta, the user will also have an account created in your Gamesight organization for immediate access.
Push User Deactivation
When you deactivate a user in Okta, Okta will remove that user from your Gamesight organization.
Push Profile Updates
When you update a user’s profile in Okta, Okta will update the metadata for that user’s membership in your Gamesight organization.
When you reactivate a user in Okta, the user’s membership within your Gamesight organization will be restored.
Any existing users in your Gamesight Org can be imported and managed into your Okta Organization.
You must first ensure you have configured and setup the SAML integration as outlined here.
In order to add the Gamesight app, you must use the "Classic UI" in Okta. For more information, see Organized Navigation on the Okta blog.
- In the Okta Dashboard, click Applications.
- In the list of applications, click the label for the application you created for the organization that uses Gamesight.
- Under the name of the application, click Provisioning.
- Click Configure API Integration.
- Select Enable API Integration.
- Enter the SCIM Key, provided by Gamesight.
- Click Save.
- To the right of “Provisioning to App”, click Edit.
- To the right of “Create Users”, select Enable.
- To the right of “Update User Attributes”, select Enable.
- To the right of “Deactivate Users”, select Enable.
- On the Sign On application tab, select Email for Application username format
- Click Save.
Conflict: User already exists in the database
If you see this error when trying to assign users to the Gamesight app, it means a Gamesight user with that email address already exists, and their account isn't linked to your Gamesight Org with SAML SSO + SCIM enabled.
This is an intentional security feature to prevent idP's from claiming accounts that already exist on Gamesight.
To assign the duplicate user in your Gamesight org through Okta, the user with the conflict should first delete their account on Gamesight. You can then assign the user to the Gamesight app in Okta and their account will be recreated within your Gamesight Org.
If you are still having problems with this after the user deletes their Gamesight account, please contact us via support.
Updated 2 months ago