Skip to main content
All CollectionsAdministratorSingle Sign-On
Paperflite SSO - Automated User Management with Okta and Microsoft Azure
Paperflite SSO - Automated User Management with Okta and Microsoft Azure

Learn how to streamline user management in Paperflite with automated user creation, removal, and synchronization through Okta and Microsoft Azure.

Athreya Guru avatar
Written by Athreya Guru
Updated today

Overview

Paperflite’s new Single Sign-On (SSO) integration with Okta and Microsoft Azure provides automated user management. With this integration, users added in Okta or Azure AD are automatically created in Paperflite. Likewise, if a user is removed or disabled, their access to Paperflite is also disabled. This ensures synchronized user management and enhances security.

Prerequisites for Configuring SSO Integration in Okta and Azure

Certain configurations need to be completed in Okta or Azure before enabling automated user management in Paperflite.

1) Okta

  1. Go to the Dashboard > Applications > select the app associated with Paperflite for SSO > go to the General Section and click on Edit and under, Provisioning, select SCIM.

  1. Provisioning Configuration: In the Provisioning section.

a) Under the Integration Tab:

  • SCIM Connector Base URL: Enter http://scim.api.paperflite.com/api/1.0/okta.

  • Unique Identifier Field: Set to email.

  • Supported Provisioning Actions: Select Import New Users, Push New Users, and Push Profile Updates.

  • Authentication Mode: Set to HTTP Header.

  • In HTTP Header, add the Bearer token (provided by Paperflite). Reach out to your Customer Success Manager or the Paperflite Support team for assistance with the token.

  • Click Save.

b) Under the To App Tab:

  • Enable Create Users and Deactivate Users.

  • Click Save.

2) Azure

  1. Go to Dashboard > Enterprise Applications > select the app associated with Paperflite for SSO. On the left, under Manage, select Provisioning. Click on ‘Get Started’ to proceed.

2. Provisioning Configuration:

a) Provisioning Mode: Set to Automatic.

b) Admin Credentials:

Ensure to Click Save at the top so that you can access Mappings.

c) Mappings:

  • Select Provision Microsoft Entra ID Users.

  • Click Edit against the userName attribute and set the following:

    • Mapping Type: Direct

    • Source Attribute: mail

    • Target Attribute: userName

    • Match Objects Using This Attribute: Yes

    • Matching Precedence: 1

    • Apply This Mapping: Always

  • Click OK.

d) Settings:

  • Scope: Sync all users and groups.

  • Provisioning Status: ON.

  • Click OK.

Once this configuration is set up in Okta or Azure, you’re ready to integrate Paperflite SSO with your Active Directory. This integration will enable automated user management, ensuring that users added or removed in your Active Directory are automatically created or disabled in Paperflite. This synchronization simplifies account management and enhances security.

SSO Automated User Management

Paperflite has enabled automatic user management features for Okta and Microsoft Azure.

Key Features:

1. Automated User Creation

When a user is added to either Okta or Azure Active Directory, a corresponding account is automatically created in Paperflite with a Normal User role by default. Follow the steps below to add users in Okta or Azure and ensure their accounts are synced seamlessly with Paperflite.

a) Okta

  1. Add a New User in Okta:

    • Navigate to the Directory section on the left-hand side.

    • Select People > Click Add Person.

    • Fill in the required details for the new user.

2. Assign the User to the Paperflite Application:

  • Go to the Applications section > Select the app associated with Paperflite.

  • Under the Assignments tab, click Assign > Select Assign to People.

  • Choose the newly created user(s) > Add any relevant details.

  • Click Save and Close.

3. Verify User in Paperflite:

  • Log in to Paperflite.

  • Navigate to Settings > User Management.

  • Confirm that the user(s) added in Okta now appear in Paperflite with their role set as Normal User.

b) Azure

  1. Add a New User in Azure Active Directory:

    • Go to the Dashboard and select Microsoft Entra ID.

    • Under the Manage tab on the left-hand side, click Users > Select New User.

    • Fill in the required details and click Review + Create.

2. Assign the User to the Paperflite Application:

  • Return to the Dashboard > Select Enterprise Applications and Choose the application associated with Paperflite.

  • On the left-hand side under the Manage tab, click Users and Groups > Select Add User/Group.

  • Choose the newly created user(s) and click Save.

3. Verify User in Paperflite:

  • Log in to Paperflite.

  • Navigate to Settings > User Management.

  • Confirm that the user(s) added in Azure now appear in Paperflite with their role set as Normal User.

2. Automated User Removal/Disabling

If a user is either removed or disabled in Okta or Azure AD, their Paperflite account is automatically disabled. This ensures that only active users have access to Paperflite, aligning user access with the organization’s security policies.

a) Okta

In Okta, simply remove or disable the user account in your Active Directory. The synchronization between Okta and Paperflite will automatically disable the corresponding account in Paperflite, ensuring that access is revoked seamlessly.

b) Azure

Navigate to the User’s Account:

  • Go to the Dashboard and select Microsoft Entra ID.

  • Under the Manage section, click Users.

  • Select the specific user you want to disable.

Disable the Account:

  • Click Edit Properties > Navigate to the Settings tab.

  • Uncheck the Account Enabled box.

  • Click Save.

Once the user is disabled in Azure, the corresponding account in Paperflite will be automatically disabled.

Still have queries? Send them to us at support@paperflite.com or chat with us by clicking on the pop-up at the bottom right corner of the screen and we'll be happy to help :)

Did this answer your question?