MicroStrategy ONE
Synchronizing Users from Okta
You can add users to your MicroStrategy Identity Network by synchronizing their information from Okta Universal Directory. You can also add multiple agents under the same network, allowing you to cluster agents in the case of fail-over, or to provide support for high-availability.
The Okta Universal Directory is integrated with MicroStrategy Badge through the Identity Agent, which communicates securely between the Okta Universal Directory and the MicroStrategy Identity Server. To store your Okta credentials locally, make sure to install the Identity Agent on a machine in your organization.
Any user information updates in the Okta Universal directory will automatically be provided to the MicroStrategy Identity Server via the Identity Agent.
Adding Users from Okta
If you have already added users to your Identity Network through Okta, you can manage them by defining the Okta groups or organizational units that are synchronized. For steps, see Managing Users from an IDM System that is Synchronized with MicroStrategy Identity.
The steps below assume that you have created a MicroStrategy Identity Network and associated badge. For steps, see Creating a MicroStrategy Identity Network and Issuing an Administrator Badge.
You have administrator privileges to install the Identity Agent.
The machine on which you install the Identity Agent must meet the following requirements:
- Windows Server 2008 R2 or Windows 2012 R2 (64-bit) operating system.
- Java SE Development Kit (JDK) version 1.7 or later, 64-bit. The file path of the JDK
bin
folder must be added to your Microsoft WindowsPATH
environment variable; for steps, see your third-party documentation. Be sure to restart your host before continuing. - Able to communicate with your Okta organization.
MicroStrategy recommends that you install the Identity Agent on a different machine than your Okta Agent on Windows Server for Okta Universal Directory.
- To create a certificate signing request (CSR) to secure your connection, you must have a third-party tool to generate CSRs, such as the OpenSSL® utility.
- For on-premises implementation, you will need the signing Certificate Authority that you use to sign client certificates.
- If you add users to your Identity Network in other ways than through Okta Universal Directory, such as by importing users from a comma-separated values (CSV) file or through a different IDM system such as OpenLDAP, you cannot import users from Okta Universal Directory.
Follow the steps below to connect your Okta Universal Directory with the MicroStrategy Identity Server:
- Create a Certificate Signing Request in Okta
- Install and Configure the MicroStrategy Identity Agent for Okta
- Add Okta Information to MicroStrategy Identity and Synchronize Users
- Including Profile Photos in Okta
To Create a Cluster of Agents in Your MicroStrategy Identity Network
After registering your Identity Agent in Identity Manager, you can add multiple agents to create a cluster. There are no limitations on the number of agents you can add, but you can only have one cluster per Identity Network. The steps below assume that you have an Agent already registered with your network.
- Log into MicroStrategy Identity Manager.
- Click Users & Badges.
- Under your configured Active Directory Agent, click the drop-down arrow and select Add agent from the list.
- In the Agent Name field, enter a name for the new Agent.
-
Copy the Registration code since you need it to complete the Agent configuration.
Be aware that the code expires every 5 minutes.
- Install and Configure the MicroStrategy Identity Agent for Okta
Related Topics
Distributing Badges to Users in Your MicroStrategy Identity Network