Skip to main content
NICE CXone Expert
Expert Success Center

User and Group Provisioning with Okta

Applies to:
MindTouch (current)
Role required:
This article is focused on enabling you to configure both MindTouch and Okta to get provisioning up and running for your organization.


The following provisioning features are supported:

  • Create Users
    • New users created through Okta will also be created in the MindTouch site
  • Update User Attributes 
    • Updates made to the user's profile through Okta will be pushed to the MindTouch site
  • Deactivate Users
    • Deactivating the user or disabling the user's access to the application through Okta will deactivate the user in the MindTouch site (Note: Deactivating a user removes the user's ability to sign in but maintains the user's MindTouch information as an inactive user)
  • Reactivate Users
    • User accounts can be reactivated in the application
  • Group Push
    • Groups and their members in Okta can be pushed to the MindTouch site
  • Import Users
    • Intended to import existing MindTouch users into Okta
  • Import Groups
    • Intended to import existing MindTouch groups into Okta

MindTouch does not support the following Okta provisioning features:

  • Sync password
  • Profile master

Please note that after a successful implementation user management is controlled within Okta but User and Group roles are moved from the Control Panel into the Dashboard under /Special:Dashboard/SiteAdministration/UserGroupManagement
clipboard_e064401ba8ccdf54430a2acb4df9cf85d.pngFrom here you can change a user to a Community Member to any Pro Member seat level and vice versa.







Before configuring User and Group Provisioning with Okta, you must contact the MindTouch Support Team to activate the capability.


A new property, user.seated, is required on the Okta user profile under Directory > Profile Editor. Click on User (default).  


The new property appuser.seated is mapped to the MindTouch SAML app's seated property.



After User and Group Provisioning with Okta is activated, you must provision a Server API Token to connect MindTouch and Okta. The following instructions provide step-by-step instructions to enable provisioning in the MindTouch application located in the Okta Integration Network.

  1. Check the Enable provisioning features box
  2. Click Configure API Integration
  3. Check the Enable API integration box
  4. Enter the API Token key and secret
  5. Click Test API Credentials; if successful, a verification message appears at the top of the screen
  6. Click Save
  7. Select To App in the left panel, then select Provisioning Features you want to enable 
  8. Click Save
  9. You can now assign people to the app (if needed) and finish the application setup



Initial activation of User and Group Provisioning with Okta requires contacting the MindTouch Support Team. Please reach out with any questions during your configuration process.



  • Was this article helpful?