Advent Black Diamond supported features

This table lists the features that are available with an Advent Black Diamond integration.

Feature Description
Push new users

Users created in Okta are also created in Advent Black Diamond.

Here are some important things to note:

  • A user created through a governance instance receives an activation invitation. A user created through a non-governance instance doesn't receive any activation invitation, but the account is created.
  • Roles or privileges aren't required when you assign a new user in Okta.
  • The username must be unique and be fewer than 25 characters.
  • To create users, provide values for the following required fields:
    • username
    • email
    • firstName
    • lastName
    • userType
  • The default userType assigned is firmUser because only entitlements can be assigned to this type. Accounts are created by default with no access level.
  • You can assign roles or privileges using entitlements after user creation.
Push profile updates

Updates made to the user profile through Okta are pushed to Advent Black Diamond.

Here are some important things to note:

  • You can't update the username. When you attempt to update a username, the API creates a user with the updated value. You can view both the old and new users in the UI with the status Created in non-governance instance and status Invited in governance instance.
  • You can only update the following fields: first name, last name, email, and phone number.Updating an empty value for any of these fields clears its existing value.
  • Updating a user from two separate government instances risks overwriting or losing existing entitlements. For example, if an admin in one instance updates only the user's data values and omits the entitlements, any entitlements set by an admin in the other instance are removed.
Push user deactivation

Users deactivated in Okta are also deactivated in Advent Black Diamond.

Users whose status is either Created or Invited can't be deactivated. They're blocked from signing into Advent Black Diamond, and their status remains unchanged.

Import new users

Users created in Advent Black Diamond are imported into Okta.

Here are some important things to note:

  • During the import process, all user attributes (first name, last name, email, and phone number) are preserved. Organizational data, including roles, are also preserved.
  • The system uses the Email attribute as the unique identifier, even if a user's existing username isn't an email address, ensuring that the import completes successfully.
Import profile updates

Updates made to a user's profile in Advent Black Diamond are downloaded and applied to the Okta user profile.

Reactivate users

Users reactivated in Okta are also reactivated in Advent Black Diamond.

Import user schema

You can download user schema in the Advent Black Diamond into Okta. Only required fields are available.

Entitlement Management

You can manage app entitlements for Advent Black Diamond app in Okta. If the app supports Okta Identity Governance, then you need to enable it to manage entitlements.
Push groups

You can push groups and their members to integrated apps. See Manage Group Push.

Here are some important things to note:

  • You can create a standard group in Okta.
  • Users can be a part of multiple Advent Black Diamond teams.
  • Removing a group from the integrated app instance doesn't remove it from Advent Black Diamond.
  • You can update both the Display Name and Description for the groups.
  • User groups don't support role management and any groups created from Okta defaults to Full Access level.

Related topics

Configure Advent Black Diamond provisioning with Okta