Okta SAML & SCIM FAQs

Let's go over some common questions regarding Okta SAML and SCIM.

How does SCIM work across multiple offices?

SCIM attributes need to include either 'officeName' or 'physicalDeliveryOfficeName' or 'department' in the user creation request. This attribute must match the name of your Dialpad office, otherwise, we'll fall back to the 'country' attribute to assign your user to an office within that country (if one exists).

If no matching attribute or 'country', we'll use the best matching office we can add.

Define your office preferences in the Office Specification Field section of your SCIM Configuration Settings (found in the SCIM section of your Company Settings) 

If you're creating custom attributes, make sure that the external namespace is urn:ietf:params:scim:schemas:extension:enterprise:2.0:User

Tip

Set a default behavior for when there isn't an office to match to a user.
To define the office mismatch behavior, head to your SCIM Configuration Settings found in the Authentication section of your Company Settings.

How does SCIM work across multiple domains under the same office/company?

Multiple domains have no bearing on SCIM. Unless one domain is set up as the master, each domain must implement SCIM independently and sync with its master directory.

What happens if we're out of licenses for our office?

If you're out of licenses and choose to add more, Dialpad will bill you at the prorated amount.

What happens if we are out of numbers for the office?

We'll auto-assign numbers to your users from your reserved numbers pool. If there are no available numbers left in your reserve pool, we'll auto-assign numbers based on the area code your Admin selected when creating your Dialpad account.

When someone is removed from Dialpad via Okta, do they still appear in the Dialpad team list?

When you remove someone from the Dialpad app via Okta, the user will be suspended in Dialpad and will no longer use a user license.

While the user won't appear in your team list, you can still search for the user and verify that their status is Suspended.

When you delete a user from Okta, the user will be fully deleted from Dialpad and will no longer appear in the team list, even after searching.

How do I specify which license is assigned when provisioning a Dialpad user?

You'll need to create a licenseType attribute and specify Dialpad_Ai Voice, Dialpad_Support (Contact Center), or Dialpad_Ai Sales while creating the user. By default, Support (Contact Center) users are not assigned a DID.

Can I re-assign or change a user license type with  SCIM?

Absolutely! Updating users or user group fields in Okta will also update the associated Dialpad licenses. 

Can I change a DID (number) or extension in OKTA SCIM?

No, these changes need to be done on our Admin portal. Check out ourNumber Assignment articles for more details. 

How does the “Prevent users from logging in with other SSO providers” setting affect SSO?

When this option is enabled, Dialpad enforces the configured SAML-based SSO for everyone in your company. 

Other authentication mechanisms (like Google/Microsoft OAuth or Open Sign Up using email/password), if being used earlier, shall be blocked.