Configure SCIM provisioning

Limited
Release

This document describes how to configure SCIM provisioning using Okta User Life Cycle Management. This does not replace your current New Relic SSO app.

This integration with Okta is currently under development and is not available to customers yet. Contact your account representative to learn more.

Supported Features

Create users New users created through Okta will also be created in New Relic if they are assigned individually or belong to one of the push groups configured in the New Relic application.
Update user attributes Updates made to a user profile in Okta will also be updated in New Relic if they are assigned to the New Relic application. This includes first name, last name, and email address.
Deactivate users

Deactivating a user in Okta will also deactivate the user in New Relic. Deactivation in New Relic will also occur if the user is removed from the push group that has been assigned to the New Relic application.

Pushing new groups

Groups that have the New Relic application

assigned to them will be created within New Relic.

These features are not supported

Sync password

Synchronizing user passwords between New Relic to Okta is not supported.

Importing and updating users in Okta from New Relic Importing and updating users from New Relic to Okta is not supported.

Configuration Instructions

Contact your New Relic account representative to discuss and sign the limited release agreement, go over known limitations, and set up a time with the New Relic engineering team and your Okta administrator to configure your account(s) for SCIM provisioning with Okta. During this call, you will need to follow these steps:

  1. Obtain a SCIM Provisioning API Token from the New Relic Engineering Team.
  2. Navigate to the Applications tab on your Okta Admin page and click Add Application.
  3. Add the New Relic (Limited Release) application.
  4. Enter your SCIM Provisioning API Token on the application Provisioning tab.
  5. Click Next.
  6. Optionally, configure SAML (See SAML SSO within authentication domains).
  7. Assign users to the New Relic application, either individually or by group. Note: if assigning by group, you must first configure the group in the Push Groups tab for the group to be created in New Relic.
  8. Work with the New Relic engineering team to assign roles in New Relic to any groups provisioned in step 7.

For more help

Contact your New Relic account representative.