This guide provides the steps required to configure Provisioning for AMGtime.

Contents

Contents

Features

Requirements

Step-­by-­Step Configuration Instructions

Syncing Okta users to AMGtime

Troubleshooting Tips

 

Features

The following provisioning features are supported:

Push New Users

  • New users created through OKTA will also be created in the third party application.

Push Profile Updates

  • Updates made to the user's profile through OKTA will be pushed to the third party application.

Push User Deactivation

  • Deactivating the user or disabling the user's access to the application through OKTA will deactivate the user in the third party application.
  • Note: For this application, deactivating a user means removing access to login, but maintaining the user's AMGtime information as an inactive user.

Reactivate Users

  • User accounts can be reactivated in the application.
Import Users
  • User accounts can be imported from AMGtime to Okta if needed.

Requirements

(NOTE: Before you configure provisioning for AMGtime, you must reach out to the AMGtime Support team to activate the feature. (support@amgtime.com)

When adding a new user in the Okta, the “User Type” field is required in order to create user also in AMGtime system. 


Step-­by-­Step Configuration Instructions

To get started, reach out to the AMGtime Support team and let them know you want to use Okta for login. (support@amgtime.com)

      1. From Applications list click on the application name.
      2. Go to the Provisioning tab.
      3. From the Settings click on the Integration.
      4. Check the Enable provisioning features box.
      5. Click Configure API Integration.
      6. Check the Enable API integration box.
      7. In the Sign On tab, set the Application username format to Email. Click Save.
      8. Enter Base URL: https://amgwebtime.com/scim/v2.
      9. Enter the Credentials.
      10. Click Test API Credentials; if successful, a verification message appears at the top of the screen.
      11. Click Save.
      12. Select To App in the left panel, then select the Provisioning Features you want to enable
        Configuring user provisioning for AMGTime OKTA Image 1
      13. Click Save.
      14. You can now assign people to the app (if needed) and finish the application setup.
      15. Select To Okta in the left panel, then select the Provisioning Features you want to enable
      16. Make sure Okta username format is set to Email address

      17. Click Save
      18. Now you’re ready to go to the Import tab and assign your imported users to the AMGtime app.
      19. When assigning  app to groups, you need to enter User Type “Employee”, if you want to add employees in the AMGtime system, or “User Roles” in order to add users in the system. Below is mentioned the corresponding fields in AMGtime
 

Cost Center - Job

Organization – Headquarter

Division – Division

Department - Department

 

Configuring user provisioning for AMGTime OKTA Image 2

 

Syncing Okta users to AMGtime

 

  • In the AMGtime application in your Okta dashboard, click on the Assignments tab, and click on the Assign button in the upper left. If you would like to create AMGtime accounts for individual users, click Assign to People. If you would like to create AMGtime accounts for larger groups of users, click Assign to Groups.
  • Choose the users or groups you would like to create AMGtime accounts for, and click Assign. In the information dialog that appears, make sure that the User Name and Primary Email are the same value. AMGtime requires members to use email addresses to log in, so it is not possible to have different values for these fields. Once you click Save and Go Back, these users will be immediately created as members in your AMGtime organization.

 

Troubleshooting Tips

For user type other than 'Employee' only the following fields can be synchronized:

  1. Username
  2. First name
  3. Last name
  4. User type
When 'User type' is set to 'Employee' in Okta, Fields not mentioned above (middle name, address, state, ...) are pushed with the proper value.
User type field can be chosen any value from Users -> Roles.
When user type is one of Roles e.g. 'Editor' it cannot be changed directly to Employee but can be changed to 'Editor, Employee' which will give the user access to both manager and employee pages.
  • Please reach out with any questions during your configuration process.
  • The provided username and email address must match.
  • AMGtime does not support modifications to the username or email address.
  • Note: When users are deactivated in Okta, they will be deactivated in AMGtime. Users will not be able to login to the application, but their data will remain available as an ‘inactive user’. To permanently delete user data, contact AMGtime Support, (support@amgtime.com).