Skip to main content

How do I provision an Owner user account via Okta SCIM?

  • Updated

Issue

I am trying to provision users with the Sentry role of Owner, but it is not working.

 

Applies To

  • Customers using Okta SCIM for user provisioning in Sentry.

 

Resolution

As mentioned in our Okta SCIM Provisioning documentation, the Owner role cannot be provisioned via SCIM. This is a security measure to prevent a scenario where organization owners could be automatically removed or modified through identity provider changes.

In order to manage de provisioning accounts, you can follow the flow below:

  • SCIM only supports provisioning up to the following roles: Admin, Manager, Billing, and Member.

  • Attempts to provision a user with the Owner role via SCIM will result in a 400 error.

  • If you'd like someone to be an Owner, you should:

    1. Provision them via SCIM as a Member.

    2. Then manually assign the Owner role to their account within Sentry.

  • If you want to create a group in Okta for Owners, you can do so by ensure the group has no sentryOrgRole attribute defined. This allows you to group Owner accounts without SCIM overriding their role.

Related to

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request
Return to top