Rocketlane supports SCIM-based provisioning with Okta, allowing your organization to automatically create, update, and deactivate users directly from Okta. This ensures centralized identity management and reduces manual user administration.

This article walks you through setting up the Okta → Rocketlane SCIM integration.

Prerequisites

Before you begin:

• You must be an admin in both Rocketlane and Okta.

• Your Rocketlane subdomain (e.g., yourcompany.rocketlane.com)

Step 1: Enable SCIM in Rocketlane

1. Log in to your Rocketlane instance.

2. Navigate to Settings → SCIM.

3. Click Set up SCIM integration.

4. Under Choose Integration, select Okta.

5. Set a Default Role and Permission Set.

   • Recommendation: Choose the lowest-privilege role and permissions to avoid giving unnecessary access by default.

Step 2: Create an API Key for SCIM in Rocketlane

1. Go to Settings → API.

2. Click Create API Key.

3. Name it something identifiable like "Okta SCIM".

4. Copy the generated API key — you will need it shortly.

Step 3: Add Rocketlane SCIM Application in Okta

1. Open Okta and navigate to:
   Applications → Applications → Browse App Catalog

2. 
   

3. Search for Rocketlane SCIM.

4. Click Add Integration.

5. Fill the application details:

   • Application Label: Rocketlane SCIM (or any name)

   • Entity ID: your Rocketlane URL

   • ACS URL: your Rocketlane URL

6. Click Done.

Step 4: Configure API Integration in Okta

1. Inside the Rocketlane SCIM application in Okta, click Provisioning in the top menu.

2. Click Configure API Integration.

3. Check Enable API Integration.

4. Enter the following:

Base URL:
https://<your-subdomain>.api.rocketlane.com/api/scim/v2

• Example:
  If your Rocketlane URL is acme.rocketlane.com, use:
  https://acme.api.rocketlane.com/api/scim/v2

• API Token: Paste the API key you created earlier.

5. Click Test Credentials.

6. Once validated, click Save.

Step 5: Enable SCIM Provisioning Features in Okta

1. Navigate to Provisioning → To App.

2. Click Edit.

3. Enable:

   • Create Users

   • Update User Attributes

   • Deactivate Users

4. Disable:

   •  Set Password on New User
     (Rocketlane manages passwords separately)

5. Click Save.

Step 6: Assign Users from Okta to Rocketlane

1. Navigate to Directory → People in Okta.

2. Choose a user and click Assign → Assign to People.

3. Edit any required user details and click Save.

When you check Settings → Team Members in Rocketlane,
you will see the newly assigned user automatically added with the default role and permission set.

Step 7: Sync Role Changes from Okta to Rocketlane

1. Go back to the user in Okta.

2. Click the Edit icon next to their Rocketlane assignment.

3. Locate the Roles field.

4. Change value to create and update, and give any configured role input.

5. Save the changes.

When you return to Rocketlane, you’ll see that the user’s role/permission has been updated based on your Okta changes.
Note: Please allow a few minutes for the changes to take effect.

Step 8: Configure Role Mapping in Rocketlane

Role Mapping allows Rocketlane to understand how Okta roles should translate into Rocketlane roles.

1. Go to Settings → SCIM in Rocketlane.

2. Scroll to Role Mapping.

3. Click Add New Field.

4. Define:

   • Okta Role Input (e.g., Product Manager)

   • Mapped Rocketlane Role (e.g., Product Manager)

   • Permission Set (e.g., Superuser)

This ensures role updates from Okta sync correctly.

Step 9: Configure Field Mapping (Optional)

To map Okta profile fields to Rocketlane fields:

1. Go to Field Mapping inside SCIM settings.

2. Click Add New Field.

3. Select:

   • The Okta Attribute (e.g., department, title)

   • The Rocketlane Field it should sync into.

This helps maintain clean and centralized user data.