Install the Okta Provisioning Agent

Before configuring on-premises provisioning for an app, install the Linux or Windows Okta Provisioning Agent. You can connect your Okta Provisioning Agent to multiple on-premises apps, but you must provide a unique SCIM server URL for each app.

Linux

  1. In the Admin Console, go to SettingsDownloads. Click Download Latest for Okta Provisioning Agent (x64 RPM).
  2. Optional. Verify the integrity of the file that you downloaded. Compare its file hash and file size to those listed on the Downloads page.

    The following commands use OktaProvisioningAgent.rpm as a placeholder. Replace it with the name of the file that you downloaded (for example, OktaProvisioningAgent-02.00.15-5abcd5e.x86_64.rpm).

    1. Generate the SHA-512 file hash for the Okta Provisioning Agent by running the following command:sha512sum OktaProvisioningAgent.rpm
    2. List the size of the Okta Provisioning Agent file:ls -l OktaProvisioningAgent.rpm
    3. Return to the Downloads page. Confirm that the file hash and file size information for your downloaded file match the information that's displayed for Okta Provisioning Agent (x64 RPM).
  3. Copy the Okta Provisioning Agent .rpm file to a scratch directory, and then cd to that directory.
  4. Install the agent by entering the following, replacing OktaProvisioningAgent.rpm with the name of your downloaded file: sudo yum localinstall OktaProvisioningAgent.rpm
  5. When you're prompted to continue, enter y.
  6. Enable the Transport Layer Security 1.2 protocol.
  7. Run the following script:sudo /opt/OktaProvisioningAgent/configure_agent.sh
  1. Enter the URL of your org at the prompt (for example: https://mycompany.okta.com).
  2. In your browser, go to the URL from the configuration script output, and sign in with your username and password.
  3. To enable the Okta Provisioning Agent to access the Okta API, click Allow Access.
  4. Return to the command line. After you receive a successful configuration message, enter the command:service OktaProvisioningAgent start
  5. To confirm that the Okta Provisioning Agent is running, enter the following:service OktaProvisioningAgent status

The Okta Provisioning Agent's process identification number file is created as /var/run/OktaProvisioningAgent.pid.

Windows

  1. In the Admin Console, go to SettingsDownloads.
  2. Click Download Latest for the Windows Okta Provisioning Agent.
  3. Optional. Verify the integrity of the file that you downloaded. Compare its file hash and file size to those listed on the Downloads page.

    The following commands use OktaProvisioningAgent.exe as a placeholder. Replace it with the name of the file that you downloaded (for example, OktaProvisioningAgent-02.00.15-5abcd5e.x86_64.exe)

    1. Generate the SHA-512 file hash for the Okta Provisioning Agent by running the following from a command prompt: CertUtil -hashfile OktaProvisioningAgent.exe SHA512
    2. Browse to the location where you downloaded the Okta Provisioning Agent, right-click the file, select Properties, record the value displayed in the Size field, and click OK.
    3. Return to the Downloads page. Confirm that the file hash and file size information for your downloaded file match the information that's displayed for Okta Provisioning Agent (Windows x64 EXE).
  4. Launch the installer, and then click Next.
  5. In the License Agreement dialog box, click Next.
  6. Optional. Change the installation folder, and then click Install.
  7. Enter your Okta Customer Domain URL, and then click Next.
  1. In your browser, sign in to your org.
  2. Grant permission to access the Okta API by clicking Allow Access.
  3. Return to the installer, and then click Finish.
  4. Sign in to Okta.

    If you haven't enabled TLS 1.2 protocol or are using an earlier version, see Enable the Transport Layer Security 1.2 protocol.

  5. In Admin Console, select Agents. Verify that the configured Okta Provisioning Agent is in the list.

Next steps

Create an instance of your on-premises app in Okta