Install the Okta Provisioning Agent

Before configuring on-premises provisioning for an app, install the Linux or Windows Okta Provisioning Agent. You can connect your Okta Provisioning Agent to multiple on-premises apps, but you must provide a unique SCIM server URL for each app.

Linux

  1. On your okta-admin app instance page, go to the Provisioning tab and then click Download Provisioning Agent.
  2. or

    On the Okta Admin Console, go to SettingsDownloads, and then click Download for the Okta Provisioning Agent (x64 RPM).

  3. Optional. Generate the file hash (SHA-512) and confirm the file size to help verify the integrity of the Okta Provisioning Agent file:
    1. Sign in to the Linux server where you downloaded the Okta Provisioning Agent and use this command to generate the file hash (SHA-512) for the Okta Provisioning Agent:

    sha512sum setup.rpm

    Replace setup.rpm with the file path of the Okta Provisioning Agent you downloaded in step 1.

    1. Use this command to determine the file size of the Okta Provisioning Agent:

    ls -l setup.rpm

    Replace setup.rpm with the file path of the Okta Provisioning Agent you downloaded in step 1.

    1. On the Okta Admin Console, go to Settings > Downloads.
    2. Scroll down to the Okta Provisioning Agents area and compare the file hash and file size information you obtained in steps a and b with the information displayed for the Okta Provisioning Agent (x64 RPM).
  4. When the Okta Provisioning Agent is downloaded, sign in as root to your Linux server.
  5. Copy the Okta Provisioning Agent .rpm file to a scratch directory, and then cd to that directory.
  6. Install using yum by entering the following:
  7. yum localinstall <package name>

    For example, yum localinstall OktaProvisioningAgent*.rpm

  8. When you are prompted to continue, enter y.
  9. After the installation succeeds, copy the command on your screen and run the script as root:
  10. sudo /opt/OktaProvisioningAgent/configure_agent.sh

  11. Enter the URL of you org at the prompt (for example: https://mycompany.okta.com).
  12. In your browser, go to the URL that you are provided, and sign in with your username and password.
  13. To enable the Okta Provisioning Agent to access the Okta API, click Allow Access.
  14. Note: If you haven't enabled TLS 1.2 protocol or are using an earlier version, see Enable the Transport Layer Security 1.2 protocol.

  15. Return to the command line. After you receive a successful configuration message, copy and enter the command:
  16. service OktaProvisioningAgent start

  17. To confirm that the agent is running, enter the following:
  18. service OktaProvisioningAgent status

Windows

  1. On the Okta Admin Console, go to SettingsDownloads.
  2. Click Download for the Windows Okta Provisioning Agent.
  3. Optional. Generate the file hash (SHA-512) and confirm the file size to verify the integrity of the Okta Provisioning Agent file:
    1. Open a command prompt and use this command to generate the file hash (SHA-512) for the Okta Provisioning Agent:

    CertUtil -hashfile setup.exe SHA512

    Replace setup.exe with the file path of the Okta Provisioning Agent you downloaded in step 2.

    1. Browse to the location where you downloaded the Okta Provisioning Agent, right-click the file, select Properties, record the value displayed in the Size field, and click OK.
    2. On the Okta Admin Console, go to Settings > Downloads.
    3. Scroll down to the Okta Provisioning Agents area and compare the file hash and file size information you obtained in steps a and b with the information displayed for the Okta Provisioning Agent (Windows x64 EXE).
  1. Launch the installer, and then click Next.
  2. In the License Agreement dialog box, click Next.
  3. Optional. Change the installation folder, and then click Install.
  4. Enter your Okta Customer Domain URL, and then click Next.
  5. In your browser, sign in to your org.
  6. Grant permission to access the Okta API by clicking Allow Access.
  7. Return to the installer, and then click Finish.
  8. Sign in to Okta.
  9. Note: If you haven't enabled TLS 1.2 protocol or are using an earlier version, see Enable the Transport Layer Security 1.2 protocol.

  10. In Admin Console, select Agents. Verify that the configured on-premises agent is in the list.

Next steps