Overview
This guide will help you set up user provisioning in OKTA. The goal is to pass a vyTeam parameter on a per Group basis (rather than an individual User) with your SAML based assertions. This will allow for easier scaling and modification of teams.
Steps
Ensure that you have added your Vidyard application within OKTA. Instructions for that can be found on the article for Managing user access with SSO.
1. On the App setup page, add an Attribute Statement (Note - not 'Group Attribute Statement') for the Name vyTeam and set the Value to be appuser.vyTeam.
2. Go to Directory > Profile Editor.
3. Click Apps and find the Vidyard app you have created. Click Profile on this app to edit.
4. Click Add Attribute
5. Create a variable called vyTeam. The value should be vyTeam in the Variable name.
6. Hit Save Attribute. The profile editor view will look like this.
7. Each group that relates to a Vidyard team needs to overwrite the vyTeam variable with the corresponding team value. The value needs to match the Team name i.e. 'Admin', 'User' or custom name. When complete hit Save.
8. Ensure that your users are added to the group that are assigned to the Vidyard app. The vyTeam attribute will pass through from here for the users. Ensure that these users are only ever able to send one vyTeam parameter in the assertion to avoid sign in issues.