How-To: Automated NS1 Provisioning with Okta Workflows

Shalom Carmel Chief Information Officer at GlobalDots
2 Min read

While Okta and NS1 support SAML Authentication, Provisioning and de-provisioning users still requires manual work. We hate manual work, so here’s a way to automate the entire process, end-to-end, using Okta Workflows.

Still unfamiliar with Workflows? Start here.

How One AI-Driven Media Platform Cut EBS Costs for AWS ASGs by 48%

How One AI-Driven Media Platform Cut EBS Costs for AWS ASGs by 48%

Setting the Scene

  1. On NS1’s portal, Create an API Key for Okta Workflows.

2. On Okta Workflows Dashboard, Click “Connections” and “New Connection” with type “API Connector”

3. Select Custom Auth Type, Header name is X-NSONE-Key and value is your api key

Now that we have our API connection ready, we can build our new workflow. In our case, the event that triggers the workflow is “User Added to Group”, where we continue if the group ID is relevant for NS1. Then it reads the user and formats his user name as okta_firstname_lastname, and creates the user in a specific team.

Building the Workflow

  1. Create a workflow and check if the user was added to the right group.


2. Read the users name and Display name, and compose your user ID based on the logic you’ve decided on.


3. Construct the JSON object (Function -> Object -> Construct) with the following names and values:
username -> Output from Compose
email -> Okta’s Username
name -> Okta’s Display name
Teams (type: list of text)-> team ID in NS1 you want to assign it to

Tip: If you don’t know your team ID, run  curl -X GET -H “X-NSONE-Key: $API_KEY” https://api.nsone.net/v1/account/teams


4. Create a new API Connector action and select “Put”. Select your NS1-API connector that we created on the first stage.

5. Populate the following values:
URL: https://api.nsone.net/v1/account/users
Body: the output of the Object we’ve constructed


Once done, feel free to test this around.

Closing the Loop

To make this extra-perfect, I also suggest editing the okta username format in the NS1 SAML app in Okta:

  1. Navigate to the SAML Application you use for NS1
  2. On the sign on tab, Edit the sign on methods and scroll down to “Credentials Details”
  3. Select “Custom” as the Application username format and enter your selected logic (in our example we used okta_firstname_lastname which translates to “”okta_”+user.firstName+”_”+user.lastName”
  4. Preview your mapping to make sure everything works, and save the change.
  5. The change will not affect existing users, but new users will be able to sign in with their username once they’re assigned to the application.

Wrapping Up

There are many more cool, time-saving hacks now possible with Okta.

Contact us to get the full suite up & running from day-1.

Latest Articles

Embark on Your Cloud Security Journey with GlobalDots CNAPP and its New CIEM Capability

Imagine being the captain of a vast space station, floating in the endless cosmos. Your station is filled with various facilities, each serving its unique purpose, and inhabited by astronauts, each following their own set of rules. Without a proficient system to manage these rules, chaos could reign. An astronaut might accidentally enter a restricted […]

Ganesh The Awesome Senior Pre & Post-Sales Engineer at GlobalDots
27th July, 2023
Long-Term LastPass Breach Sounds Alarm For Static Credentials

LastPass’ password management service has introduced millions of users to the convenience and security of unique passwords. Across mobile and browser, LastPass promises a near-passwordless experience for millions of individuals and over 100,000 businesses. However, recent news threatens to drop a bombshell on credential-based security.  The Year-Long LastPass Dual Breach  In August 2022, LastPass released […]

Ganesh The Awesome Senior Pre & Post-Sales Engineer at GlobalDots
2nd March, 2023
It’s time to get rid of passwords!

In addition to being outdated, passwords create frictions and hassles for workflows, teams, and users. We enable the complete elimination of passwords, securely and with an optimal user experience – by implementing the latest IAM & CIAM innovative solutions.  We are using a technology called FIDO2 (Fast ID Online) Authentication – new passwordless authentication method that relieves credentials […]

Ganesh The Awesome Senior Pre & Post-Sales Engineer at GlobalDots
10th November, 2022
GlobalDots Partners With Transmit to Make Passwords Extinct

As we rely more and more on online services, managing passwords becomes increasingly challenging. Compromised passwords lead to account takeovers, which pose existential threats to customer-facing businesses. Account takeovers led to an estimated $11.4 billion in losses in 2021, caused mostly by compromised passwords. GlobalDots, a cloud innovation leader, partners with Transmit Security, a leading […]

Ganesh The Awesome Senior Pre & Post-Sales Engineer at GlobalDots
8th September, 2022

Unlock Your Cloud Potential

Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.

    GlobalDots' industry expertise proactively addressed structural inefficiencies that would have otherwise hindered our success. Their laser focus is why I would recommend them as a partner to other companies

    Marco Kaiser
    Marco Kaiser

    CTO

    Legal Services

    GlobalDots has helped us to scale up our innovative capabilities, and in significantly improving our service provided to our clients

    Antonio Ostuni
    Antonio Ostuni

    CIO

    IT Services

    It's common for 3rd parties to work with a limited number of vendors - GlobalDots and its multi-vendor approach is different. Thanks to GlobalDots vendors umbrella, the hybrid-cloud migration was exceedingly smooth

    Motti Shpirer
    Motti Shpirer

    VP of Infrastructure & Technology

    Advertising Services