Skip to main content

Define OrgAndUserGroups with Okta

You can add a user to one or many user groups in an organization in Okta spotinst application:

  1. Make sure Okta SAML 2.0 authentication is configured with Spot.

  2. Sign in to Okta Admin, go to Directory > Profile Editor, and select Spotinst User.

  3. Click Add Attribute and add a custom attribute:

    • Data Type: string
    • Display Name: OrgAndUserGroups
    • Variable Name: OrgAndUserGroups

  4. Click Save.

  5. In Okta Admin, go to Applications > Applications, and select Spotinst app.

  6. On the Sign On tab, add this custom attribute under the SAML 2.0 settings:

    • Attribute Name: OrgAndUserGroups
    • Name Format: Unspecified
    • Value: appuser.OrgAndUserGroups

  7. Generate a new certificate and upload it to your Spot Organization.

  8. Add users to groups:

    1. For each user in your organization who needs to be assigned to groups, go to Okta Admin Directory > People.

    2. On the Applications tab, locate the Spotinst app and click Edit to add the OrgAndUserGroups:

      • For a single user: SPOTINST-{OrganizationID}:{UserGroupId}

        For example: SPOTINST-606012345678:ugr-1234

      • Multiple UserGroupIds for the same organization are separated with a comma: SPOTINST-{OrganizationID}:{UserGroupId1},{UserGroupId2}

        For example: SPOTINST-606012345678:ugr-1234,ugr-5678