Okta Automatic License Provisioning

Help Center
  • Updated
Follow

1. Features

The following provisioning features are supported by Foxit Admin Console:

  • Push New Users. New users created through OKTA will also be pushed to Foxit Admin Console.

  • Push Profile Updates. Updates made to the user's profile through OKTA will be pushed to Foxit Admin Console.

  • Push User Deactivation. Deactivating the user or disabling the user's access to the application through OKTA will be removed the user's licenses in Foxit Admin Console.

  • Push Groups. Groups and their members in Okta can be pushed to Foxit Admin Console.

  • Reactivate Users. User's authorization reassignment.

2. Prerequisites

The scenario outlined in this page assumes that the user already has the following prerequisites:

1.png

3. Configuration Steps

3.1 Enable Provision in Foxit Admin Console

Login to Foxit Admin Console. Navigate to Settings > Directory Setting > Directories.

Select the Okta directory and click Enable Provision to support provisioning with Okta.

2.png

3.1.2 Click Provision Settings in the More settings of the Okta directory.
3.png
3.1.3 Copy and save the Tenant URL and the Secret token.

These values will be entered in the Tenant URL and Secret Token fields in the Provisioning tab in the Okta.

4.png

3.2 Create an app on the Okta admin page

Sign into the OKTA admin page and go to Applications Applications.
3.2.2 Click Browse App Catalog.

5.png

3.2.3 Enter "Foxit Admin Console" in the Search catalog of integrations field and select the app "Foxit Admin Console".

6.png

 

3.2.4 Click Add Integration.

7.png

 

3.2.5 Enter your app name and click Next.

8.png

3.2.6 Complete the Sign-On Options page. Under the Credentials Details section, select Email for the Application username format. Click Done.
9.png

3.3 Configure automatic user provisioning

This section guides you through the steps to configure the Okta provisioning service to create, update, and disable users and/or groups in App based on user/group assignments in Okta.

3.3.1 Go to the Provisioning settings tab and click Configure API Integration.

1.png

3.3.2 Select Enable API integration.

2.png

3.3.3 Complete the authentication fields.

Input the Tenant URL you got in Foxit Admin Console into Base URL. And Input the Secret Token you got in Foxit Admin Console into API Token.

3.png

3.3.4 Click Test API Credentials to test your API credentials.

If you receive an error, verify and retry your credentials. Click Save.

4.png

 

3.3.5 From the Settings column on the left side of the screen, select To App, then click Edit.

5.png

3.3.6 Select the provisioning options: Create UsersUpdate User AttributesDeactivate Users and click Save.
6.png

3.4 Create groups on the Okta admin page

In the OKTA Console, go to Directory > Groups. Click Add Group.

Note: The administrator needs to create different groups in OKTA according to the products that need to assign licenses.

A product corresponds to a group. The names of these groups need to be fixed and case sensitive. The group names are as follows.

  • Group for Foxit PDF Editor for Windows
  • Group for Foxit PDF Editor for Mobile
  • Group for PDF Editor Suite Pro for Teams
  • Group for Foxit PDF Editor Pro Windows for Teams
  • Group for Foxit PDF Editor Windows for Teams
  • Group for Foxit PDF Editor Mac for Teams
  • Group for PDF Editor Suite Mac for Teams
  • Group for PDF Editor Suite Windows for Teams
  • Group for Foxit PDF Editor for Mac
  • Group for Foxit PDF Editor Pro + Education Bundle
  • Group for Foxit PDF Editor Education Bundle
  • Group for Foxit eSign
  • Group for PDF Editor Suite Pro for Education

    7.png

 

3.4.2 Complete the fields in the Add group dialog. Click Save.
  • 8.png
3.4.3 Add the people to the group who should have access to the app.
  • 9.png

3.5 Assign group and activate user provisioning

3.5.1 Switch to the Assignments tab, click Assign, and select Assign to Groups.

10.png

3.5.2 Select groups to assign, then click Done.

1.png

3.5.3 All of these fields are optional and can be left blank. When you are done with this step, click Save and Go Back.
2.png
3.5.4 Click Done.3.png

 

3.5.5 Switch to the Push Groups tab, click Push Groups, and select Find Groups By name.
4.png
3.5.6 Enter Group for Foxit to search for groups, Select a group to add.
5.png
3.5.7 Click Save.
6.png
3.5.8 The group is added to the push groups list.

7.png

3.6 View results in Foxit Admin Console

Go to Settings > Directory Setting > Directories, Click the + on the OKTA directory to see more information.
8.png
3.6.2 Check the Last synced time.
9.png
3.6.3 Foxit Admin Console will automatically assign product licenses to group users based on the group names.
10.png
3.6.4 Automated log has been added to Foxit Admin Console.

In Contents logs, you can view the log after the license is automatically assigned

11.png

4. Troubleshooting and FAQ

If you encounter problems, you can submit a ticket request to Foxit Support team for assistance

Q1. Are groups created in Okta Enterprise Apps automatically synced to the Admin Console? Will the Admin Console show the group structure?

Answer: The Admin Console will sync the users and display them in the User ID Management->User->Directory users list of the Admin Console.

Q2. Are there rules for the names of groups created in Okta Enterprise Apps?

Answer: The administrator needs to create different groups in Okta according to the products that need to assign licenses. A product corresponds to a group.

The names of these groups need to be fixed and we will give fixed names. The group names are as follows.

  • Group for Foxit PDF Editor for Windows
  • Group for Foxit PDF Editor Pro for Windows
  • Group for Foxit PDF Editor for Mac
  • Group for Foxit PDF Editor for Mobile
  • Group for Foxit PDF Editor for Cloud
  • Group for Foxit eSign
  • Group for Foxit PDF Editor Pro +
  • Group for Foxit PDF Editor Education Bundle

Q3. Can a user be added to multiple directories/groups?

Answer: Yes, a user can be added to different directories/groups.

Q4. What are the rules for the Admin Console to automatically assign licenses based on Okta groups?

Answer: The Admin Console will automatically assign product licenses to group users based on the group names.

When the number of users in the Okta group increases or decreases, the Admin Console will automatically assign or revoke the user's product license.

Q5. Will the group names be case-sensitive?

Answer: Yes, group names are case-sensitive.

Q6. Okta Sync will pull all users from Okta into Admin Console. Will this function only sync the users in the groups or will it continue to sync all users?

Answer: Yes, Only the users/groups of the configured enterprise application will be synchronized, and not all Okta users will be synchronized to the Admin Console.

Q7. When an administrator deletes a user in a group, will the corresponding product license be deleted?

Answer: Yes, if a user of a group is deleted, the user's product license will be revoked.

Q8: If an administrator deletes an entire group, will the entire group's product licenses be removed?

Answer: When deleting the entire group, Admin Console will retain the user's product license and will not delete the product license of the group.

5. Attributes table

Attribute
Format
Field Validation
Locality String No restrictions.
Region String No restrictions.
Country String No restrictions.
Locale Name String No restrictions.
Time zone String No restrictions.
User type String No restrictions.
Employee number String No restrictions.
Organization String No restrictions.
Department String No restrictions.
Manager value String No restrictions.
Manager display String No restrictions.

Related articles

Comments

0 comments

Please sign in to leave a comment.