For teams that rely on Okta for provisioning, Custom Roles fully integrate with Okta! Any role created in ClickUp can be added as an option within Okta, making it easy to integrate Custom Roles into existing workflows.
How to configure your integration
Note: Before you're able to set up provisioning, you must have Okta SSO enabled for your Workspace. Please refer to this guide for instructions on how to set up Okta SSO.
1. Once SSO is enabled, you'll be presented with a SCIM Base URL and SCIM API Token
2. In the Okta Dashboard, navigate to the ClickUp application and click the
3. Check the
Enable provisioning features box
Configure API Integration
5. Check the
Enable API integration box
6. Enter the SCIM Base URL and SCIM API Token you received in step 1
7. Click Test API Credentials; if successful, a verification message will appear
To App in the left panel, then select the
Provisioning Features you want to enable.
10. Assign people to the app (if needed) and finish the application setup.
11. When assigning users or groups, assign the ClickUp Role attribute (guest, member, or admin) Note: If this attribute is unset, it will default to a member user
What you can do
Push New Users
- New users created through Okta will also be created in the third party application
Push Profile Updates
- Updates made to the user's profile through Okta will be pushed to the third party application
Push User Deactivation
- Deactivating the user or disabling the user's access to the application through Okta will deactivate the user in the third party application.
Note: For this application, deactivating a user means removing access to login, but maintaining the user's Chorus information as an inactive user
- User accounts can be reactivated in the application.
Troubleshooting & Tips
1. Once a user is created in ClickUp, it will not receive updates when the
2. When users are deactivated in Okta, they will be removed from the associated ClickUp Workspace. Users will not be able to access anything in that Workspace, but their data will remain available as an ‘inactive user’.
3. To set a custom role for you users, you can map to either the
customRoleName attribute, or the
customRoleId attribute. If you do not have someone that can access the ClickUp Public API, create an attribute in the Okta profile that is an enumerated list of names that match the custom roles that you created in your ClickUp Workspace and make sure this maps to
customRoleName during user provisioning. Please note that if the role name is changed in ClickUp, this mapping will break. If you can access the ClickUp Public API, use the
customRoleId attribute to ensure that the custom role mapping will not break on name change. To find out the ID’s that correspond to the Custom Roles that you created, use this endpoint to find the list of roles available on your workspace.