See: Clarity SaaS Authentication in the Google Cloud PlatformNon-Federated User Creation in Okta
User Sync job
enables Clarity SaaS
customers to synchronize Clarity users
with Broadcom Okta and assign them to the appropriate Okta groups. Administrators should manually schedule this job
to run regularly. In Clarity 15.9.1 and future releases, customers do not need to log in to Okta as tenant admin to add users
. The SaaS
User Sync job
reads all users
from Clarity that have not been synced previously and then performs the following actions:
Check if the Clarity user exists in Okta.
- If the username is not in the form of an email address, the user is skipped.
- If the user exists and is in the appropriate Okta group, then the job will not make any changes.
- If the user exists but is not in the appropriate Okta user group, the job will add the user to the appropriate Okta user group.
- If the user does not exist in Okta, the job will create the user and add them to the appropriate Okta user group.
- If user status in Clarity is "inactive", then the job removes the user from the Okta user group, thus revoking their access to the Clarity PPM instance. The user will be marked as not having been synced in case they are reactivated at a future date.
To learn more about the SaaS User sync job, see Clarity Jobs Reference. If you are using older releases of Clarity, or want to create users manually as an Okta tenant admin, follow the steps given below. To learn more about creating an Okta tenant admin, see Creating an OKTA Tenant Admin.
From Clarity, create the non-federated user via the “Resources” section under Administration