{"id":83688,"date":"2023-06-05T13:09:52","date_gmt":"2023-06-05T17:09:52","guid":{"rendered":"https:\/\/jumpcloud.com\/?post_type=support&#038;p=83688"},"modified":"2024-08-22T15:43:27","modified_gmt":"2024-08-22T19:43:27","slug":"configure-okta-real-time-user-password-import","status":"publish","type":"support","link":"https:\/\/jumpcloud.com\/support\/configure-okta-real-time-user-password-import","title":{"rendered":"Configure Okta Real-time User and Password Import"},"content":{"rendered":"\n<p>Streamline lifecycle management for your organization by connecting Okta with JumpCloud through a Real-time User and Password Import&nbsp;SCIM integration. This integration lets you manage your organization\u2019s user identities in Okta, and easily connect users to all of the IT resources they need through JumpCloud. After you connect Okta with JumpCloud through SCIM, depending on the integration settings you choose, users are seamlessly created, updated, and deactivated in JumpCloud according to the actions you take on users in Okta.<br><img decoding=\"async\" width=\"1509\" height=\"711\" class=\"wp-image-87652\" style=\"width: 900px\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/extend-okta-identities.png\" alt=\"\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/extend-okta-identities.png 1509w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/extend-okta-identities-300x141.png 300w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/extend-okta-identities-1024x482.png 1024w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/extend-okta-identities-768x362.png 768w\" sizes=\"(max-width: 1509px) 100vw, 1509px\" \/><\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-supported-features\">Supported Features<\/h2>\n\n\n\n<p>The following SCIM actions are supported for&nbsp;<strong>Okta\u2019s User Import and Password Mastery<\/strong>&nbsp;integration with JumpCloud.<\/p>\n\n\n\n<ul>\n<li><strong>User import<\/strong>: Users accounts are imported from Okta into JumpCloud<\/li>\n\n\n\n<li><strong>Password sync<\/strong>: User account passwords are synchronized between Okta and JumpCloud; changes made to passwords in Okta are synced with JumpCloud<\/li>\n\n\n\n<li><strong>Create<\/strong>: When you create users in Okta they\u2019re created in JumpCloud<\/li>\n\n\n\n<li><strong>Update<\/strong>: When you update user attributes in Okta, these updates are reflected in JumpCloud<\/li>\n<\/ul>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card note\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/note-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Note:<\/strong> \n<p>Read the&nbsp;<a href=\"https:\/\/jumpcloud.com\/support\/configure-okta-real-time-user-password-import#important-considerations\">Considerations<\/a>&nbsp;for more detail on this feature.&nbsp;<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<ul>\n<li><strong>Deactivate<\/strong>:\u00a0When you deactivate or delete a user in Okta, the user is placed in a suspended state in JumpCloud<\/li>\n<\/ul>\n\n\n\n<p><strong>Prerequisites<\/strong><\/p>\n\n\n\n<ul>\n<li>You need\u00a0<strong>User Provisioning<\/strong>\u00a0functionality enabled for your Okta account.\u00a0Learn about\u00a0<a href=\"https:\/\/www.okta.com\/products\/lifecycle-management\/\">Lifecycle Management and App Provisioning\u00a0from Okta<\/a><\/li>\n\n\n\n<li>You need a JumpCloud API Key (see instructions below)<\/li>\n<\/ul>\n\n\n\n<p><strong>Recommendations<\/strong><\/p>\n\n\n\n<ul>\n<li>To prevent end-user access issues, we recommend that you use the same password complexity requirements as Okta, see\u00a0<a href=\"https:\/\/jumpcloud.com\/support\/manage-password-and-security-settings#password-settings\">Manage Password and Security Settings<\/a>\n<ul>\n<li>Consider choosing\u00a0not to expire JumpCloud account passwords. If you choose to enforce password aging for your JumpCloud account passwords, be mindful of the expiration dates for users you\u2019re managing for Okta. See\u00a0<a href=\"https:\/\/jumpcloud.com\/support\/manage-password-and-security-settings#password-settings\">Manage Password and Security Settings<\/a> to learn more about password aging<\/li>\n\n\n\n<li>We also recommend that you create a JumpCloud admin service account to generate the API Key you need to connect JumpCloud with Okta. This service account shouldn\u2019t be tied to a specific user\u2019s email address. For added security,\u00a0you can\u00a0require Multi-factor Authentication at\u00a0login for this admin service account. See\u00a0<a href=\"https:\/\/jumpcloud.com\/support\/manage-admin-accounts\">Manage Admin Accounts<\/a> to learn more<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<p><strong>Considerations<\/strong><\/p>\n\n\n\n<ul>\n<li>\u200b\u200b\u200b\u200b\u200bIf you update a user name in Okta for a user that is bound to resources, it won&#8217;t\u00a0update that user&#8217;s username in JumpCloud. However, if that user isn&#8217;t bound to any resources in JumpCloud, then it will change the user&#8217;s username.\u200b<\/li>\n\n\n\n<li>When a user is associated with&nbsp;the JumpCloud application in their Okta account, a couple of things happen:\n<ul>\n<li>Their password is sent to JumpCloud when it is changed in Okta<\/li>\n\n\n\n<li>Once\u00a0they&#8217;ve been associated with JumpCloud, they log in to their Okta account for the first time after the association, and the passwords will be\u00a0synced<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>If you are trying to have an existing user&#8217;s account managed by JumpCloud, the usernames must meet specific requirements:\n<ul>\n<li><strong>Important<\/strong>: The user can&#8217;t be bound to any resources at the time of account takeover.<\/li>\n\n\n\n<li>The username in Okta is an email, however in JumpCloud the username is&nbsp;<em>not<\/em>&nbsp;an email.\n<ul>\n<li>To have JumpCloud manage a user&#8217;s account, the email used in Okta prefix (everything before the @ symbol) needs to match the username in JumpCloud\n<ul>\n<li>For example, if the email is&nbsp;<em>john.doe@okta.com<\/em>, then the username in JumpCloud needs to be john.doe.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>If you are trying to have a new user&#8217;s account managed by JumpCloud, the username has specifications that will result in a failure if not met. The requirements are:\n<ul>\n<li>The username needs to start with a letter<\/li>\n\n\n\n<li>It needs to be 30 characters or less\n<ul>\n<li>These&nbsp;can only include valid unix characters (letters, numbers, hyphens &#8216; &#8211; ,&#8217; periods &#8216; . ,&#8217; and underscores &#8216; _ .&#8217;)<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>If a password is changed directly from the user console it clears the credential manager on a Windows device. This is also the case when a user is externally managed and password updates come from a 3rd party, like Okta<\/li>\n<\/ul>\n\n\n\n<p><strong>Known Issues<\/strong>:<\/p>\n\n\n\n<ul>\n<li>After you import users from Okta, users and their attributes are synced between JumpCloud and Okta. The users that you import from Okta are fully editable in JumpCloud in both the Admin and User Portals. This means that users can change their password and user attributes in the JumpCloud User Portal. If a user updates their password in the User Portal, it can be overwritten by Okta, potentially placing the user in a bad state. We recommend that you disable the ability for users to update their user attributes in the JumpCloud User Portal. You can do this in the Admin Portal\u2019s\u00a0<strong>General Information Org Settings<\/strong>. If you disable your end users\u2019 ability to modify their user attributes in the User Portal, admins are still able to modify end-user attributes in the JumpCloud Admin Portal. Learn more about this feature in\u00a0<a href=\"https:\/\/jumpcloud.com\/support\/settings-in-admin-portal\">Settings in the JumpCloud Admin Portal<\/a>\u00a0<\/li>\n\n\n\n<li>If you manage end-users devices with JumpCloud and integrate Okta with JumpCloud, passwords can become out of sync between Okta and JumpCloud if a user changes their password through&nbsp;their device. You can leverage Okta integration with JumpCloud managed devices by keeping&nbsp;the following in mind:\n<ul>\n<li>macOS:\u00a0JumpCloud&#8217;s Menu Bar App prompts users to confirm their password if they become out of sync when they&#8217;re provisioned to JumpCloud from Okta\u00a0<\/li>\n\n\n\n<li>To see more detailed information see\u00a0<a href=\"https:\/\/jumpcloud.com\/support\/configure-okta-real-time-user-password-import#managing-password-resets-with-okta-and-jumpcloud-managed-devices\">Managing Password Resets with Okta and JumpCloud Managed Devices<\/a>\u00a0below<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<p><strong>Attribute Mappings<\/strong>:<\/p>\n\n\n\n<p>The following table lists attributes that JumpCloud can receive from Okta.&nbsp;<br><br>Learn about JumpCloud Properties and how they work with systemusers in our&nbsp;<a href=\"https:\/\/docs.jumpcloud.com\/api\/index.html\">API<\/a>.&nbsp;<\/p>\n\n\n\n<div class=\"wp-block-wpdatatables-wpdatatables-gutenberg-block\">\n<div class=\"wpdt-c row wpDataTableContainerSimpleTable wpDataTables wpDataTablesWrapper\n\"\n    >\n        <table id=\"wpdtSimpleTable-149\"\n           style=\"border-collapse:collapse;\n                   border-spacing:0px;\"\n           class=\"wpdtSimpleTable wpDataTable\"\n           data-column=\"3\"\n           data-rows=\"16\"\n           data-wpID=\"149\"\n           data-responsive=\"0\"\n           data-has-header=\"1\">\n\n                    <thead>        <tr class=\"wpdt-cell-row \" >\n                            <th class=\"wpdt-cell \"\n                                    data-cell-id=\"A1\"\n                data-col-index=\"0\"\n                data-row-index=\"0\"\n                style=\" width:45.205479452055%;                padding:10px;\n                \"\n                >\n                                Okta Attribute Name                <\/th>\n                                            <th class=\"wpdt-cell \"\n                                    data-cell-id=\"B1\"\n                data-col-index=\"1\"\n                data-row-index=\"0\"\n                style=\" width:27.397260273973%;                padding:10px;\n                \"\n                >\n                                JumpCloud Attribute Name                <\/th>\n                                            <th class=\"wpdt-cell \"\n                                    data-cell-id=\"C1\"\n                data-col-index=\"2\"\n                data-row-index=\"0\"\n                style=\" width:27.397260273973%;                padding:10px;\n                \"\n                >\n                                Notes                <\/th>\n                                        <\/tr>\n                    <tbody>        <tr class=\"wpdt-cell-row \" >\n                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"A2\"\n                data-col-index=\"0\"\n                data-row-index=\"1\"\n                style=\"                padding:10px;\n                \"\n                >\n                                login                <\/td>\n                                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"B2\"\n                data-col-index=\"1\"\n                data-row-index=\"1\"\n                style=\"                padding:10px;\n                \"\n                >\n                                userName                <\/td>\n                                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"C2\"\n                data-col-index=\"2\"\n                data-row-index=\"1\"\n                style=\"                padding:10px;\n                \"\n                >\n                                <div data-type-content=\"wpdt-html-content\"><p><span style=\"font-family: Arial\">For this attribute to map correctly, this attribute has been updated to&nbsp;<\/span><code>String.substringBefore(user.login, \"@\")<\/code><\/p><\/div>                <\/td>\n                                        <\/tr>\n                            <tr class=\"wpdt-cell-row \" >\n                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"A3\"\n                data-col-index=\"0\"\n                data-row-index=\"2\"\n                style=\"                padding:10px;\n                \"\n                >\n                                user.firstName                <\/td>\n                                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"B3\"\n                data-col-index=\"1\"\n                data-row-index=\"2\"\n                style=\"                padding:10px;\n                \"\n                >\n                                givenName                <\/td>\n                                            <td class=\"wpdt-cell  wpdt-empty-cell \"\n                                    data-cell-id=\"C3\"\n                data-col-index=\"2\"\n                data-row-index=\"2\"\n                style=\"                padding:10px;\n                \"\n                >\n                                                <\/td>\n                                        <\/tr>\n                            <tr class=\"wpdt-cell-row \" >\n                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"A4\"\n                data-col-index=\"0\"\n                data-row-index=\"3\"\n                style=\"                padding:10px;\n                \"\n                >\n                                user.lastName                <\/td>\n                                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"B4\"\n                data-col-index=\"1\"\n                data-row-index=\"3\"\n                style=\"                padding:10px;\n                \"\n                >\n                                familyName                <\/td>\n                                            <td class=\"wpdt-cell  wpdt-empty-cell \"\n                                    data-cell-id=\"C4\"\n                data-col-index=\"2\"\n                data-row-index=\"3\"\n                style=\"                padding:10px;\n                \"\n                >\n                                                <\/td>\n                                        <\/tr>\n                            <tr class=\"wpdt-cell-row \" >\n                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"A5\"\n                data-col-index=\"0\"\n                data-row-index=\"4\"\n                style=\"                padding:10px;\n                \"\n                >\n                                user.middleName                <\/td>\n                                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"B5\"\n                data-col-index=\"1\"\n                data-row-index=\"4\"\n                style=\"                padding:10px;\n                \"\n                >\n                                middleName                <\/td>\n                                            <td class=\"wpdt-cell  wpdt-empty-cell \"\n                                    data-cell-id=\"C5\"\n                data-col-index=\"2\"\n                data-row-index=\"4\"\n                style=\"                padding:10px;\n                \"\n                >\n                                                <\/td>\n                                        <\/tr>\n                            <tr class=\"wpdt-cell-row \" >\n                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"A6\"\n                data-col-index=\"0\"\n                data-row-index=\"5\"\n                style=\"                padding:10px;\n                \"\n                >\n                                user.email                <\/td>\n                                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"B6\"\n                data-col-index=\"1\"\n                data-row-index=\"5\"\n                style=\"                padding:10px;\n                \"\n                >\n                                email                <\/td>\n                                            <td class=\"wpdt-cell  wpdt-empty-cell \"\n                                    data-cell-id=\"C6\"\n                data-col-index=\"2\"\n                data-row-index=\"5\"\n                style=\"                padding:10px;\n                \"\n                >\n                                                <\/td>\n                                        <\/tr>\n                            <tr class=\"wpdt-cell-row \" >\n                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"A7\"\n                data-col-index=\"0\"\n                data-row-index=\"6\"\n                style=\"                padding:10px;\n                \"\n                >\n                                user.emailType                <\/td>\n                                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"B7\"\n                data-col-index=\"1\"\n                data-row-index=\"6\"\n                style=\"                padding:10px;\n                \"\n                >\n                                emailType                <\/td>\n                                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"C7\"\n                data-col-index=\"2\"\n                data-row-index=\"6\"\n                style=\"                padding:10px;\n                \"\n                >\n                                <div data-type-content=\"wpdt-html-content\"><p><span style=\"font-family: Arial\">For this attribute to map correctly, this attribute has been updated to&nbsp;<\/span><code>(user.email != null &amp;&amp; user.email != ' ') ? 'work' : ' '<\/code><\/p><\/div>                <\/td>\n                                        <\/tr>\n                            <tr class=\"wpdt-cell-row \" >\n                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"A8\"\n                data-col-index=\"0\"\n                data-row-index=\"7\"\n                style=\"                padding:10px;\n                \"\n                >\n                                user.Title                <\/td>\n                                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"B8\"\n                data-col-index=\"1\"\n                data-row-index=\"7\"\n                style=\"                padding:10px;\n                \"\n                >\n                                title                <\/td>\n                                            <td class=\"wpdt-cell  wpdt-empty-cell \"\n                                    data-cell-id=\"C8\"\n                data-col-index=\"2\"\n                data-row-index=\"7\"\n                style=\"                padding:10px;\n                \"\n                >\n                                                <\/td>\n                                        <\/tr>\n                            <tr class=\"wpdt-cell-row \" >\n                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"A9\"\n                data-col-index=\"0\"\n                data-row-index=\"8\"\n                style=\"                padding:10px;\n                \"\n                >\n                                user.displayName                <\/td>\n                                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"B9\"\n                data-col-index=\"1\"\n                data-row-index=\"8\"\n                style=\"                padding:10px;\n                \"\n                >\n                                displayName                <\/td>\n                                            <td class=\"wpdt-cell  wpdt-empty-cell \"\n                                    data-cell-id=\"C9\"\n                data-col-index=\"2\"\n                data-row-index=\"8\"\n                style=\"                padding:10px;\n                \"\n                >\n                                                <\/td>\n                                        <\/tr>\n                            <tr class=\"wpdt-cell-row \" >\n                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"A10\"\n                data-col-index=\"0\"\n                data-row-index=\"9\"\n                style=\"                padding:10px;\n                \"\n                >\n                                user.displayName                <\/td>\n                                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"B10\"\n                data-col-index=\"1\"\n                data-row-index=\"9\"\n                style=\"                padding:10px;\n                \"\n                >\n                                primaryPhone                <\/td>\n                                            <td class=\"wpdt-cell  wpdt-empty-cell \"\n                                    data-cell-id=\"C10\"\n                data-col-index=\"2\"\n                data-row-index=\"9\"\n                style=\"                padding:10px;\n                \"\n                >\n                                                <\/td>\n                                        <\/tr>\n                            <tr class=\"wpdt-cell-row \" >\n                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"A11\"\n                data-col-index=\"0\"\n                data-row-index=\"10\"\n                style=\"                padding:10px;\n                \"\n                >\n                                user.primaryPhoneType                <\/td>\n                                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"B11\"\n                data-col-index=\"1\"\n                data-row-index=\"10\"\n                style=\"                padding:10px;\n                \"\n                >\n                                primaryPhoneType                <\/td>\n                                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"C11\"\n                data-col-index=\"2\"\n                data-row-index=\"10\"\n                style=\"                padding:10px;\n                \"\n                >\n                                <div data-type-content=\"wpdt-html-content\">\n<p><span style=\"font-family: Arial\">For this attribute to map correctly, this attribute has been updated to&nbsp;<\/span><code>(user.primaryPhone != null &amp;&amp; user.primaryPhone != ' ') ? 'work' : ' '<\/code><\/p>\n<\/div>                <\/td>\n                                        <\/tr>\n                            <tr class=\"wpdt-cell-row \" >\n                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"A12\"\n                data-col-index=\"0\"\n                data-row-index=\"11\"\n                style=\"                padding:10px;\n                \"\n                >\n                                user.addressType                <\/td>\n                                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"B12\"\n                data-col-index=\"1\"\n                data-row-index=\"11\"\n                style=\"                padding:10px;\n                \"\n                >\n                                addressType                <\/td>\n                                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"C12\"\n                data-col-index=\"2\"\n                data-row-index=\"11\"\n                style=\"                padding:10px;\n                \"\n                >\n                                <div data-type-content=\"wpdt-html-content\">\n<p><span style=\"font-family: Arial\">For this attribute to map correctly, this attribute has been updated to&nbsp;<\/span><code>(user.streetAddress != null &amp;&amp; user.streetAddress != '') || (user.city != null &amp;&amp; user.city != '') || (user.state != null &amp;&amp; user.state != '') || (user.zipCode != null &amp;&amp; user.zipCode != '') || (user.countryCode != null &amp;&amp; user.countryCode != '') || (user.postalAddress != null &amp;&amp; user.postalAddress != '') ? 'work' : ''<\/code><\/p>\n<\/div>                <\/td>\n                                        <\/tr>\n                            <tr class=\"wpdt-cell-row \" >\n                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"A13\"\n                data-col-index=\"0\"\n                data-row-index=\"12\"\n                style=\"                padding:10px;\n                \"\n                >\n                                user.streetAddress                <\/td>\n                                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"B13\"\n                data-col-index=\"1\"\n                data-row-index=\"12\"\n                style=\"                padding:10px;\n                \"\n                >\n                                streetAddress                <\/td>\n                                            <td class=\"wpdt-cell  wpdt-empty-cell \"\n                                    data-cell-id=\"C13\"\n                data-col-index=\"2\"\n                data-row-index=\"12\"\n                style=\"                padding:10px;\n                \"\n                >\n                                                <\/td>\n                                        <\/tr>\n                            <tr class=\"wpdt-cell-row \" >\n                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"A14\"\n                data-col-index=\"0\"\n                data-row-index=\"13\"\n                style=\"                padding:10px;\n                \"\n                >\n                                user.city                <\/td>\n                                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"B14\"\n                data-col-index=\"1\"\n                data-row-index=\"13\"\n                style=\"                padding:10px;\n                \"\n                >\n                                locality                <\/td>\n                                            <td class=\"wpdt-cell  wpdt-empty-cell \"\n                                    data-cell-id=\"C14\"\n                data-col-index=\"2\"\n                data-row-index=\"13\"\n                style=\"                padding:10px;\n                \"\n                >\n                                                <\/td>\n                                        <\/tr>\n                            <tr class=\"wpdt-cell-row \" >\n                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"A15\"\n                data-col-index=\"0\"\n                data-row-index=\"14\"\n                style=\"                padding:10px;\n                \"\n                >\n                                user.state                <\/td>\n                                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"B15\"\n                data-col-index=\"1\"\n                data-row-index=\"14\"\n                style=\"                padding:10px;\n                \"\n                >\n                                region                <\/td>\n                                            <td class=\"wpdt-cell  wpdt-empty-cell \"\n                                    data-cell-id=\"C15\"\n                data-col-index=\"2\"\n                data-row-index=\"14\"\n                style=\"                padding:10px;\n                \"\n                >\n                                                <\/td>\n                                        <\/tr>\n                            <tr class=\"wpdt-cell-row \" >\n                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"A16\"\n                data-col-index=\"0\"\n                data-row-index=\"15\"\n                style=\"                padding:10px;\n                \"\n                >\n                                user.zipCode                <\/td>\n                                            <td class=\"wpdt-cell \"\n                                    data-cell-id=\"B16\"\n                data-col-index=\"1\"\n                data-row-index=\"15\"\n                style=\"                padding:10px;\n                \"\n                >\n                                postalCode                <\/td>\n                                            <td class=\"wpdt-cell  wpdt-empty-cell \"\n                                    data-cell-id=\"C16\"\n                data-col-index=\"2\"\n                data-row-index=\"15\"\n                style=\"                padding:10px;\n                \"\n                >\n                                                <\/td>\n                                        <\/tr>\n                    <\/table>\n<\/div><\/div>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-getting-your-api-key-in-jumpcloud\">Getting Your API Key in JumpCloud<\/h2>\n\n\n\n<p>You need a JumpCloud API Key to connect Okta and JumpCloud. This key is found in the JumpCloud Admin Portal.&nbsp;<\/p>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card note\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/note-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Note:<\/strong> \n<p>The API key from MTP admins will not work with the JumpCloud integration app in Okta. Only the tenant specified admin&#8217;s key will work in this integration.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<p><strong>To generate an API Key<\/strong>:<\/p>\n\n\n\n<ol>\n<li>Log in to the <a href=\"https:\/\/console.jumpcloud.com\">JumpCloud Admin Portal<\/a>.<\/li>\n\n\n\n<li>Click your account initials displayed in the top-right and select&nbsp;<strong>My API Key<\/strong>&nbsp;from the drop down menu.<\/li>\n\n\n\n<li>If you haven&#8217;t generated an API key before, click&nbsp;<strong>Generate API Key<\/strong>&nbsp;to have an API key generated and displayed. If you have an API key but don&#8217;t have it stored, click <strong>Generate New API Key<\/strong>. <\/li>\n<\/ol>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card important\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/important-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Important:<\/strong> \n<p>API Keys are only displayed at the time they\u2019re created. Make sure to store it in a secure place, like&nbsp;<a href=\"https:\/\/jumpcloud.com\/support\/get-started-jumpcloud-password-manager\">JumpCloud\u2019s Password Manager<\/a>&nbsp;so you can access it when you need it.<\/p>\n\n\n\n<p>If you&#8217;re generating a new API key, it will revoke access to the current API key. This will render all calls using the previous API key inaccessible. You will have to update any existing integrations that use an API key with the newly generated value. See <a href=\"https:\/\/jumpcloud.com\/support\/jumpcloud-apis#generating-a-new-api-key\">JumpCloud APIs<\/a> to see the impacted integrations. <\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<ol start=\"4\">\n<li>Paste the key into&nbsp;<strong>Okta\u2019s API integration settings<\/strong>.<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-enabling-and-configuring-scim-integration-in-okta\">Enabling and Configuring SCIM Integration in Okta<\/h2>\n\n\n\n<p><strong>To enable and configure SCIM integration in Okta<\/strong>:<\/p>\n\n\n\n<ol>\n<li>Log in to Okta.<\/li>\n\n\n\n<li>Go to&nbsp;<strong>Applications<\/strong>, and open&nbsp;the JumpCloud application.&nbsp;&nbsp;<\/li>\n\n\n\n<li>In the JumpCloud application, go to&nbsp;<strong>General<\/strong>.&nbsp;<\/li>\n\n\n\n<li>For&nbsp;<strong>Application visibility<\/strong>, select the following options:\n<ul>\n<li><strong>Do not display application icon to users<\/strong><\/li>\n\n\n\n<li><strong>Do not display application in the Okta Mobile App<\/strong><\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Go to&nbsp;<strong>Provisioning<\/strong>, then click&nbsp;<strong>Configure API Integration<\/strong>.&nbsp;<\/li>\n\n\n\n<li>Select&nbsp;<strong>Enable API Integration<\/strong>.<\/li>\n\n\n\n<li>Paste&nbsp;the&nbsp;<strong>API Key&nbsp;<\/strong>that you copied&nbsp;from the JumpCloud Administrator Portal.&nbsp;&nbsp;<\/li>\n\n\n\n<li>Click&nbsp;<strong>Test API Credentials<\/strong>, this isn&#8217;t required, but recommended.&nbsp;<\/li>\n\n\n\n<li>If your optional test is successful, or if you&nbsp;choose not to test, click&nbsp;<strong>Save<\/strong>.&nbsp;<\/li>\n\n\n\n<li>Go to&nbsp;<strong>Provisioning<\/strong>&nbsp;&gt;&nbsp;<strong>Settings<\/strong>&nbsp;&gt;&nbsp;&nbsp;<strong>To App<\/strong>, then click&nbsp;<strong>Edit<\/strong>.&nbsp;<\/li>\n\n\n\n<li>(Required) Select&nbsp;<strong>Enable<\/strong>&nbsp;for the options you want to enable for your SCIM integration with JumpCloud. You can choose to&nbsp;<strong>Create Users<\/strong>,&nbsp;<strong>Update User Attributes<\/strong>, and&nbsp;<strong>Deactivate Users<\/strong>.<\/li>\n\n\n\n<li>(Required) For&nbsp;<strong>Sync Password<\/strong>, select&nbsp;<strong>Enable<\/strong>&nbsp;and&nbsp;<strong>Sync Okta Password<\/strong>.<\/li>\n\n\n\n<li>Scroll past&nbsp;the Provisioning options, then click&nbsp;<strong>Save<\/strong>&nbsp;to apply your selected provisioning settings.<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-verifying-your-integration\">Verifying Your Integration<\/h2>\n\n\n\n<p>After you\u2019ve integrated JumpCloud with Okta, you can verify your integration by performing the following actions in Okta:&nbsp;<\/p>\n\n\n\n<ul>\n<li><strong>Create a user<\/strong>: If you\u2019re successfully integrated, when you create a user in Okta, the user is added in JumpCloud and you&#8217;ll see the user in the Users list<\/li>\n\n\n\n<li><strong>Update a user<\/strong>: If you\u2019re successfully integrated, when you update a user in Okta, the user is updated in JumpCloud. You can verify the update by viewing the user&#8217;s Details panel\u00a0\u00a0<\/li>\n\n\n\n<li><strong>Suspend a user<\/strong>: If you\u2019re successfully integrated, when you deactivate or delete a user in Okta, the user is suspended in JumpCloud. You can verify the suspension by viewing the user in the\u00a0<strong>Users<\/strong>\u00a0list and by viewing their\u00a0<strong>Details<\/strong>\u00a0panel. See\u00a0<a href=\"https:\/\/jumpcloud.com\/support\/suspend-and-reactivate-users\">Suspend and Restore User Accounts<\/a><\/li>\n<\/ul>\n\n\n\n<p>Learn more about these actions and statuses in&nbsp;<a href=\"https:\/\/jumpcloud.com\/support\/get-started-users\">Getting Started: Users<\/a>&nbsp;and&nbsp;<a href=\"https:\/\/jumpcloud.com\/support\/password-statuses\">User Account Status<\/a>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-troubleshooting-your-integration\">Troubleshooting Your Integration<\/h2>\n\n\n\n<p>If you run into issues during your verification of the integration, you can troubleshoot in the following ways:<\/p>\n\n\n\n<ul>\n<li><strong>Check your provisioning selections<\/strong>: Make sure you selected the provisioning option for the action you\u2019re performing. For example, make sure that you have selected\u00a0<strong>Update User Attributes<\/strong>\u00a0if changes you\u2019re making to users in Okta aren\u2019t updating in JumpCloud<\/li>\n\n\n\n<li><strong>Check your sync password selection<\/strong>: Make sure you\u2019ve selected the\u00a0<strong>Sync Okta Password<\/strong>\u00a0option for\u00a0<strong>Sync Password<\/strong>\u00a0<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-migration-steps\">Migration Steps<\/h2>\n\n\n\n<p><strong>To create a new instance of JumpCloud in Okta<\/strong>:<\/p>\n\n\n\n<ol>\n<li>Log in to your Okta org as an administrator.<\/li>\n\n\n\n<li>Select to view the&nbsp;<strong>Classic UI<\/strong>.<\/li>\n\n\n\n<li>Click&nbsp;<strong>Add Applications<\/strong>.<\/li>\n<\/ol>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"964\" height=\"512\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/okta-add-applications.png\" alt=\"\" class=\"wp-image-87653\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/okta-add-applications.png 964w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/okta-add-applications-300x159.png 300w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/okta-add-applications-768x408.png 768w\" sizes=\"(max-width: 964px) 100vw, 964px\" \/><\/figure>\n\n\n\n<ol start=\"4\">\n<li>Search for&nbsp;<strong>JumpCloud<\/strong>, then select the application.<\/li>\n<\/ol>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1024\" height=\"497\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/okta-select-jumpcloud-1024x497.png\" alt=\"\" class=\"wp-image-87657\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/okta-select-jumpcloud-1024x497.png 1024w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/okta-select-jumpcloud-300x146.png 300w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/okta-select-jumpcloud-768x373.png 768w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/okta-select-jumpcloud.png 1044w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<ol start=\"5\">\n<li>Click&nbsp;<strong>Add<\/strong>.<\/li>\n\n\n\n<li>Configure the new application with provisioning as described in&nbsp;Enabling&nbsp;and Configuring&nbsp;SCIM Integration in Okta.<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-managing-password-resets-with-okta-and-jumpcloud-managed-devices\">Managing Password Resets with Okta and JumpCloud Managed Devices<\/h2>\n\n\n\n<p>In this configuration, Okta will export Users, attributes, and passwords to JumpCloud through the OIN App. Passwords should be set or reset within Okta once this configuration has been enabled. JumpCloud will receive these passwords from Okta when a user resets within their Okta user portal. If you are additionally leveraging JumpCloud to manage your macOS, Windows, and Linux devices, you must consider the following to ensure that your users utilize and know the best practices for password resets.&nbsp;<\/p>\n\n\n\n<p>With this integration,&nbsp;<strong>all passwords must be reset within Okta<\/strong>. If passwords are changed in JumpCloud, they will not be exported back to Okta and will result in discrepancies between the user\u2019s Okta and JumpCloud passwords.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-managing-password-resets-and-jumpcloud-managed-macos-devices\">Managing Password Resets and JumpCloud Managed MacOS Devices<\/h3>\n\n\n\n<p>There can be several workflows when resetting passwords within this configuration. When devices are managed by JumpCloud, passwords should be reset in Okta and later confirmed on the device. Ensure that the following best practices are leveraged when users commit a password reset within Okta.&nbsp;<\/p>\n\n\n\n<p>Additionally, JumpCloud&nbsp;<strong>requires&nbsp;<\/strong>macOS devices to be online during the password change in Okta so that the device will receive the new password via the JumpCloud Agent. This can be achieved when users are logged into their device and change the password within a browser window. The JumpCloud Tray App then requests a confirmation of the password change. See the workflow diagrams below.&nbsp;<\/p>\n\n\n\n<p><strong>Password Reset with Okta and a Single MacOS Device (Online) &#8211; Recommended<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1024\" height=\"575\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/okta-single-macos-device-online-1024x575.jpeg\" alt=\"\" class=\"wp-image-87659\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/okta-single-macos-device-online-1024x575.jpeg 1024w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/okta-single-macos-device-online-300x168.jpeg 300w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/okta-single-macos-device-online-768x431.jpeg 768w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/okta-single-macos-device-online.jpeg 1335w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>In this diagram, a user resets their password in a browser window on their JumpCloud managed macOS device. This sends the password to JumpCloud which updates their JumpCloud User Password. Within 60 seconds, their macOS JumpCloud Device Agent checks in with JumpCloud, receives the new password hash, and displays a notification. The User<strong>&nbsp;must confirm<\/strong>&nbsp;their password in order for the FileVault (SecureToken) password and User Login password to be synced within the macOS keychain.&nbsp;<\/p>\n\n\n\n<p><strong>Password Reset with Okta and a Single MacOS Device (Offline) &#8211;&nbsp;<u>Not Recommended<\/u><\/strong><\/p>\n\n\n\n<p><img decoding=\"async\" width=\"1336\" height=\"748\" class=\"wp-image-87658\" style=\"width: 900px\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/okta-single-macos-device-offline.jpeg\" alt=\"\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/okta-single-macos-device-offline.jpeg 1336w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/okta-single-macos-device-offline-300x168.jpeg 300w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/okta-single-macos-device-offline-1024x573.jpeg 1024w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/okta-single-macos-device-offline-768x430.jpeg 768w\" sizes=\"(max-width: 1336px) 100vw, 1336px\" \/><br>JumpCloud recommends that users change their passwords while logged in to their primary macOS device. If the user\u2019s macOS device is offline, additional steps must be taken to ensure the password is updated in macOS. The workflow shown in the previous diagram is&nbsp;<strong>not recommended<\/strong>&nbsp;unless absolutely necessary.<\/p>\n\n\n\n<p>When a user changes their password in Okta, while their macOS device is offline, Okta sends the updated password to JumpCloud. JumpCloud updates the user\u2019s JumpCloud password to the new Okta password. Because the macOS device is offline, no updates are received until FileVault is unlocked.&nbsp;<\/p>\n\n\n\n<p>When the user cold-boots their macOS device, FileVault prompts for a password. The user must enter the previous password\u2013that is, the one they used before the password reset in Okta. This is because the macOS device is encrypted, the NIC is not initialized, and the JumpCloud Agent is not active until FileVault is unlocked.&nbsp;<\/p>\n\n\n\n<p>Once the user has unlocked FileVault using their previous password, the JumpCloud Device Agent will run, connect to the internet, and receive the new password hash from JumpCloud. The user will see a second login prompt asking them for their previous and new password. The user should use the previous password they just used to unlock the Filevault Window and the&nbsp;<strong>new&nbsp;<\/strong>password they\u2019ve just reset in Okta.&nbsp;<\/p>\n\n\n\n<p>If typed correctly, the user is then logged into their profile and the macOS keychain is synced and updated appropriately.&nbsp;<\/p>\n\n\n\n<p><strong>Password Reset with Okta and Multiple MacOS Devices (Online) &#8211; Recommended<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1024\" height=\"575\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/okta-multiple-macos-devices-online-1024x575.jpeg\" alt=\"\" class=\"wp-image-87656\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/okta-multiple-macos-devices-online-1024x575.jpeg 1024w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/okta-multiple-macos-devices-online-300x169.jpeg 300w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/okta-multiple-macos-devices-online-768x432.jpeg 768w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/okta-multiple-macos-devices-online.jpeg 1333w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>In the diagram above, a user resets their password within a browser window on their primary JumpCloud managed macOS device. This sends the password to JumpCloud which updates their JumpCloud User Password. Once their macOS JumpCloud Device Agent checks in with JumpCloud, it receives the new password hash and displays a notification. The user must confirm their password in order for the FileVault (SecureToken) password and User Login password to be synced in the macOS keychain.&nbsp;<\/p>\n\n\n\n<p>For the second macOS device, the user &nbsp;performs a login where the User Login prompt requests their previous and new password. This updates the macOS keychain to utilize the new password appropriately.&nbsp;<\/p>\n\n\n\n<p>JumpCloud recommends that the second or additional macOS devices be online and past the FileVault Login so the JumpCloud Device agent and the NIC are active and initialized. It is not recommended to have the additional macOS devices offline during a password reset operation in Okta.&nbsp;<\/p>\n\n\n\n<p><strong>Password Reset with Okta and Multiple MacOS Devices (Online\/Offline) &#8211;&nbsp;<u>Not Recommended<\/u><\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1024\" height=\"576\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/okta-multiple-macos-devices-online-and-offline-1024x576.jpeg\" alt=\"\" class=\"wp-image-87655\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/okta-multiple-macos-devices-online-and-offline-1024x576.jpeg 1024w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/okta-multiple-macos-devices-online-and-offline-300x169.jpeg 300w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/okta-multiple-macos-devices-online-and-offline-768x432.jpeg 768w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/okta-multiple-macos-devices-online-and-offline.jpeg 1333w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card important\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/important-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Important:<\/strong> \n<p>JumpCloud recommends only using this workflow if it is absolutely necessary to ensure proper password syncing.&nbsp;<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<p>In the diagram above, a user resets their password within a browser window on their primary JumpCloud managed macOS device. This sends the password to JumpCloud which updates the JumpCloud User Password. Once the macOS JumpCloud Device Agent checks in with JumpCloud, it receives the new password hash and displays a notification. The user must confirm their password in order for the FileVault (SecureToken) password and User Login password to be synced within the macOS keychain.&nbsp;<\/p>\n\n\n\n<p>For the second macOS device, the user cold-boots their macOS device. FileVault will prompt for a password. This is the password the user used before the password reset in Okta. This is because the macOS device is encrypted, the NIC is not initialized, and the JumpCloud Agent is not active until after FileVault is unlocked.&nbsp;<\/p>\n\n\n\n<p>Once the User has unlocked FileVault using their previous password, the JumpCloud Device Agent will run, connect to the internet, and receive the new password hash from JumpCloud. The user will see a second login prompt asking for their previous and new passwords. The user should use the previous password they just used to unlock the Filevault Window and the&nbsp;<strong>new&nbsp;<\/strong>password they\u2019ve just reset within Okta.&nbsp;<\/p>\n\n\n\n<p>JumpCloud recommends &nbsp;that the second or additional macOS devices be online and past the FileVault Login so the JumpCloud Device agent and the NIC are active and initialized. It is always best practice to have the additional macOS devices online during a password reset operation in Okta.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-password-reset-with-okta-and-windows-devices\">Password Reset with Okta and Windows Devices<\/h3>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1024\" height=\"573\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/okta-windows-device-1024x573.jpeg\" alt=\"\" class=\"wp-image-87660\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/okta-windows-device-1024x573.jpeg 1024w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/okta-windows-device-300x168.jpeg 300w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/okta-windows-device-768x430.jpeg 768w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/okta-windows-device.jpeg 1336w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>In the diagram above, a user resets their password within a browser window on their JumpCloud managed Windows device. This sends the password to JumpCloud which updates the JumpCloud User Password. Once the JumpCloud Device Agent checks in with JumpCloud, it receives the new password hash and updates the local password hash within Windows. The next time Windows requests a password, it will be using the new password the user just set.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"h-password-reset-with-okta-and-linux-devices-nbsp\">Password Reset with Okta and Linux Devices&nbsp;<\/h3>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1024\" height=\"575\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/okta-linux-device-1024x575.jpeg\" alt=\"\" class=\"wp-image-87654\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/okta-linux-device-1024x575.jpeg 1024w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/okta-linux-device-300x168.jpeg 300w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/okta-linux-device-768x431.jpeg 768w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/okta-linux-device.jpeg 1334w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>In the diagram above, a user resets their password within a browser window on their JumpCloud managed Linux device. This sends the password to JumpCloud which updates their JumpCloud User Password. Once the JumpCloud Device Agent checks in with JumpCloud, it receives the new password hash and updates the local password hash within Linux. The next time Linux requests a password, it will be using their new password they\u2019ve just set.&nbsp;<\/p>\n\n\n\n<p><strong>Additional Resources:<\/strong><\/p>\n\n\n\n<p>Walk through a guided simulation for <a href=\"https:\/\/university.jumpcloud.com\/courses\/simulation-configure-okta-real-time-user-and-password-import\">Configuring Okta Real-Time User and Password Import<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Streamline lifecycle management for your organization by connecting Okta with JumpCloud through a Real-time User and Password Import&nbsp;SCIM integration. This [&hellip;]<\/p>\n","protected":false},"author":200,"featured_media":0,"template":"","meta":{"_acf_changed":false,"_oasis_is_in_workflow":0,"_oasis_original":0,"_oasis_task_priority":"","inline_featured_image":false,"footnotes":""},"support_category":[2855,2907,2999],"support_tag":[],"coauthors":[2841],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.9 (Yoast SEO v22.9) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Configure Okta Real-time User and Password Import - JumpCloud<\/title>\n<meta name=\"description\" content=\"Learn how to Configure Okta Real-time User and Password Import so that you can you manage your organization\u2019s user identities in Okta.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/jumpcloud.com\/support\/configure-okta-real-time-user-password-import\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Configure Okta Real-time User and Password Import\" \/>\n<meta property=\"og:description\" content=\"Learn how to Configure Okta Real-time User and Password Import so that you can you manage your organization\u2019s user identities in Okta.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/jumpcloud.com\/support\/configure-okta-real-time-user-password-import\" \/>\n<meta property=\"og:site_name\" content=\"JumpCloud\" \/>\n<meta property=\"article:modified_time\" content=\"2024-08-22T19:43:27+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/extend-okta-identities.png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"14 minutes\" \/>\n\t<meta name=\"twitter:label2\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data2\" content=\"natecopt\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/jumpcloud.com\/support\/configure-okta-real-time-user-password-import\",\"url\":\"https:\/\/jumpcloud.com\/support\/configure-okta-real-time-user-password-import\",\"name\":\"Configure Okta Real-time User and Password Import - JumpCloud\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/jumpcloud.com\/support\/configure-okta-real-time-user-password-import#primaryimage\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/support\/configure-okta-real-time-user-password-import#primaryimage\"},\"thumbnailUrl\":\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/extend-okta-identities.png\",\"datePublished\":\"2023-06-05T17:09:52+00:00\",\"dateModified\":\"2024-08-22T19:43:27+00:00\",\"description\":\"Learn how to Configure Okta Real-time User and Password Import so that you can you manage your organization\u2019s user identities in Okta.\",\"breadcrumb\":{\"@id\":\"https:\/\/jumpcloud.com\/support\/configure-okta-real-time-user-password-import#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/jumpcloud.com\/support\/configure-okta-real-time-user-password-import\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/support\/configure-okta-real-time-user-password-import#primaryimage\",\"url\":\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/extend-okta-identities.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/extend-okta-identities.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/jumpcloud.com\/support\/configure-okta-real-time-user-password-import#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/jumpcloud.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Support\",\"item\":\"https:\/\/jumpcloud.com\/support\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Configure Okta Real-time User and Password Import\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/jumpcloud.com\/#website\",\"url\":\"https:\/\/jumpcloud.com\/\",\"name\":\"JumpCloud\",\"description\":\"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.\",\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/jumpcloud.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/jumpcloud.com\/#organization\",\"name\":\"JumpCloud\",\"url\":\"https:\/\/jumpcloud.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"width\":598,\"height\":101,\"caption\":\"JumpCloud\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Configure Okta Real-time User and Password Import - JumpCloud","description":"Learn how to Configure Okta Real-time User and Password Import so that you can you manage your organization\u2019s user identities in Okta.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/jumpcloud.com\/support\/configure-okta-real-time-user-password-import","og_locale":"en_US","og_type":"article","og_title":"Configure Okta Real-time User and Password Import","og_description":"Learn how to Configure Okta Real-time User and Password Import so that you can you manage your organization\u2019s user identities in Okta.","og_url":"https:\/\/jumpcloud.com\/support\/configure-okta-real-time-user-password-import","og_site_name":"JumpCloud","article_modified_time":"2024-08-22T19:43:27+00:00","og_image":[{"url":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/extend-okta-identities.png"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"14 minutes","Written by":"natecopt"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/jumpcloud.com\/support\/configure-okta-real-time-user-password-import","url":"https:\/\/jumpcloud.com\/support\/configure-okta-real-time-user-password-import","name":"Configure Okta Real-time User and Password Import - JumpCloud","isPartOf":{"@id":"https:\/\/jumpcloud.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/jumpcloud.com\/support\/configure-okta-real-time-user-password-import#primaryimage"},"image":{"@id":"https:\/\/jumpcloud.com\/support\/configure-okta-real-time-user-password-import#primaryimage"},"thumbnailUrl":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/extend-okta-identities.png","datePublished":"2023-06-05T17:09:52+00:00","dateModified":"2024-08-22T19:43:27+00:00","description":"Learn how to Configure Okta Real-time User and Password Import so that you can you manage your organization\u2019s user identities in Okta.","breadcrumb":{"@id":"https:\/\/jumpcloud.com\/support\/configure-okta-real-time-user-password-import#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/jumpcloud.com\/support\/configure-okta-real-time-user-password-import"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/support\/configure-okta-real-time-user-password-import#primaryimage","url":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/extend-okta-identities.png","contentUrl":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/extend-okta-identities.png"},{"@type":"BreadcrumbList","@id":"https:\/\/jumpcloud.com\/support\/configure-okta-real-time-user-password-import#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/jumpcloud.com\/"},{"@type":"ListItem","position":2,"name":"Support","item":"https:\/\/jumpcloud.com\/support"},{"@type":"ListItem","position":3,"name":"Configure Okta Real-time User and Password Import"}]},{"@type":"WebSite","@id":"https:\/\/jumpcloud.com\/#website","url":"https:\/\/jumpcloud.com\/","name":"JumpCloud","description":"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.","publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/jumpcloud.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/jumpcloud.com\/#organization","name":"JumpCloud","url":"https:\/\/jumpcloud.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","width":598,"height":101,"caption":"JumpCloud"},"image":{"@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/83688"}],"collection":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support"}],"about":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/types\/support"}],"author":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/users\/200"}],"version-history":[{"count":2,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/83688\/revisions"}],"predecessor-version":[{"id":114817,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/83688\/revisions\/114817"}],"wp:attachment":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media?parent=83688"}],"wp:term":[{"taxonomy":"support_category","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support_category?post=83688"},{"taxonomy":"support_tag","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support_tag?post=83688"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/coauthors?post=83688"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}