Overview
MagicPod provides a SCIM (System for Cross-domain Identity Management) integration feature for customers on the New Enterprise Plan.
By integrating with Okta, you can automate user account creation, updates, and deactivation, significantly reducing the operational burden of user management.
Requirements
To use the SCIM integration feature, the following conditions must all be met:
- Your subscription is on the New Enterprise Plan
- The organization-exclusive user setting is enabled
(“Enable (non-<Org name>-exclusive users cannot be added)”)
→ How to configure -
SAML authentication is enabled (“Enable (non-SAML auth users cannot be added)”)
→ How to configure - Supported identity provider: Okta only
→ Okta official site - Currently, only Users can be managed. (For Groups, only synchronization of users within the group is supported; creation, updating, and deletion of groups themselves are not supported.)
Setup Steps
- In the MagicPod organization settings, enable the SCIM integration
- Generate an API token after enabling
- Save the organization settings
- Configure the SCIM integration in Okta
- Use the SCIM 2.0 Test App (OAuth Bearer Token)
- Refer to the Okta official guide for detailed steps
Once the integration is complete, user provisioning actions in Okta (such as creating, updating, or deactivating accounts) will automatically be reflected in MagicPod.
This ensures efficient and secure account management across your organization.
Troubleshooting
When provisioning users in Okta, you may encounter a conflict error such as the following:
Automatic provisioning of user <username> to app SCIM 2.0 Test App (OAuth Bearer Token) failed: Error while creating user <email>: Conflict. Errors reported by remote server: User with this email already exists
This error occurs when a user with the same email address already exists in MagicPod at the time of SCIM user provisioning. Due to this duplication, the system is unable to create the user as a new account, resulting in a conflict error.
To resolve this issue, the existing user account must be deleted.
-
For organization-specific users
An organization administrator can delete the user from the Members page. -
For regular user accounts
These cannot be deleted from the admin interface.
Please refer to the help page and contact support to request deletion of the user account.