Update Okta SCIM guideline (#178)

src/pages/how-to/idp-sync.mdx

@@ -33,7 +33,7 @@ Before you start creating and configuring an Google Workspace application, ensur
     <img src="/docs-static/img/how-to-guides/google-edit-service-account.png" alt="edit-service-account" className="imagewrapper-big"/>
 </p>
 
-- Take note of service account email address, we will use it in next steps
+- Take note of service account email address, you will use it in next steps
 - Click the `Keys` tab
 - Click the `Add key` drop-down menu, then select `Create new key`
 - Select `JSON` as the Key type and click `Create`
@@ -126,123 +126,88 @@ Before you start creating and configuring an Azure AD application, ensure that y
 
 ### Okta
 
-#### Step 1. Create and configure SAML 2.0 application
-In this step, we will create and configure NetBird SAML 2.0 application in okta.
-- Navigate to Okta Admin Dashboard
-- Click `Applications` in the left menu and then click on `Applications`
-- Click `Create App Integration`
-- Fill in the form with the following values and click `Next`
-  - Sign-in method: `SAML 2.0`
+If your organization relies on Okta for managing employee access, automating access to NetBird via Okta's `Provisioning` feature can streamline your operations. This integration leverages `SCIM` (System for Cross-domain Identity Management) to ensure smooth synchronization of users and groups. For comprehensive insights into Okta's SCIM capabilities, please consult this [article](https://www.okta.com/blog/2017/01/what-is-scim/).
+
+#### Prerequisites
+- Begin by installing the NetBird application from the [Okta Integration Network](https://www.okta.com/integrations/netbird)
+- Following installation, reach out to support to activate Okta SSO for your [support](mailto:support@netbird.io).
+
+#### Supported Features
+
+- **Create Users**: Users added through Okta will automatically be created in NetBird.
+- **Update User Attributes**: Any changes to user attributes in Okta will be synchronized with NetBird.
+- **Deactivate Users**: Deactivating a user in Okta will also deactivate them in NetBird.
+- **Group Push**: Groups created in Okta will be synchronized to NetBird.
+
+#### Configuration Steps
+##### Step 1: Configure SSO in Okta
+- Access the Okta dashboard and navigate to `Applications > Applications`, selecting the previously installed `NetBird` application.
+- Go to `Sign On > Settings` and select `Edit`.
+- In the `Credentials Details` section, change the `Application username format` to `Email` and select `Save`.
 
 <p>
-    <img src="/docs-static/img/how-to-guides/okta-new-application.png" alt="high-level-dia" className="imagewrapper-big"/>
+    <img src="/docs-static/img/how-to-guides/okta-sso-configuration.png" alt="Okta SSO Configuration" className="imagewrapper-big"/>
 </p>
 
-- Fill in the form with the following values and click `Next`
-  - App integration name: `NetBird SCIM`
+##### Step 2: Enable Okta SCIM in NetBird
+- Log into [NetBird](https://app.netbird.io/).
+- Proceed to [Integrations > Identity Provider](https://app.netbird.io/integrations?tab=identity-provider) and select `Connect Okta`.
 
 <p>
-    <img src="/docs-static/img/how-to-guides/okta-saml-general-settings.png" alt="high-level-dia" className="imagewrapper-big"/>
+    <img src="/docs-static/img/how-to-guides/netbird-idp-list.png" alt="NetBird Identity Provider List" className="imagewrapper-big"/>
 </p>
 
-- Fill in the form will the following values and click `Next`
-    - Single sign-on URL: `http://localhost`
-    - Audience URI (SP Entity ID): `http://localhost`
+- Follow the displayed instructions to link your Okta account. Ensure to note the `Authorization(Bearer) token` generated for use in the subsequent step.
 
 <p>
-    <img src="/docs-static/img/how-to-guides/okta-saml-configuration.png" alt="high-level-dia" className="imagewrapper-big"/>
+    <img src="/docs-static/img/how-to-guides/okta-scim-credentials.png" alt="Okta SCIM Credentials" className="imagewrapper-big"/>
 </p>
 
-- Select  App type as `This is an internal app that we have created` and click `Finish`
+##### Step 3: Enable Provisioning in Okta
+
+- From the Okta dashboard, navigate to `Applications > Applications` and select the `NetBird` application.
+- Under the` Provisioning` tab, choose `Integration`, then select `Configure API Integration`
 <p>
-    <img src="/docs-static/img/how-to-guides/okta-saml-configuration-feedback.png" alt="high-level-dia" className="imagewrapper-big"/>
+    <img src="/docs-static/img/how-to-guides/okta-provisioning.png" alt="Okta Provisioning Configuration" className="imagewrapper-big"/>
 </p>
 
-#### Step 2. Create Okta SCIM integration
-Refer to the [api.md](https://github.com/netbirdio/docs/blob/main/misc/idp-sync/api.md#okta-scim-endpoints) document for detailed instructions on how to create the integration.
-After creating, please take note of the `auth_token` from the response as we will use it in the next step.
-
-#### Step 3. Enable and configure SCIM provisioning
-Before proceeding with this step, we need to create
-- Navigate to Okta Admin Dashboard
-- Click `Applications` in the left menu and then click on `Applications`
-- Select the `NetBird SCIM` application we created earlier
+- Opt to `Enable API integration` and insert previously noted `Authorization(Bearer) token` into the `API Token` field.
 
 <p>
-    <img src="/docs-static/img/how-to-guides/okta-netbird-app-overview.png" alt="high-level-dia" className="imagewrapper-big"/>
+    <img src="/docs-static/img/how-to-guides/okta-provisioning-enabled.png" alt="Enabling Okta Provisioning" className="imagewrapper-big"/>
 </p>
 
-- Click `General` tab and in `App Settings` click `Edit` to update the settings
-- Tick `Enable SCIM provisioning` and click `Save`
+- Click `Test API Credentials` to verify the SCIM connection, then select `Save`.
+- Navigate to `Provisioning > Settings > To App`, click `Edit`, enable `Create Users`, `Update User Attributes`, and `Deactivate Users`, then select `Save`.
 
 <p>
-    <img src="/docs-static/img/how-to-guides/okta-scim-provisioning-enabled.png" alt="high-level-dia" className="imagewrapper-big"/>
+    <img src="/docs-static/img/how-to-guides/okta-to-app-configuration.png" alt="Okta to App Configuration" className="imagewrapper-big"/>
 </p>
 
-- Click `Provisioning` and under `SCIM connection` click `Edit`
-- Fill in the form will the following values and click `Save`
-    - SCIM connector base URL: `https://api.netbird.io/api/scim/v2`
-    - Unique identifier field for users: `userName`
-    - Supported provisioning actions: `Push New Users`, `Push Profile Updates`, `Push Groups`
-    - Authentication Mode: `HTTP Header`
-    - HTTP Header Token you obtained from NetBird : `nbs_zKY09...`
+##### Step 4: Sync Users to NetBird
+- Access the `Assignments` tab, click `Assign`, then `Assign to Groups`.
+- Choose the groups for provisioning, select `Assign` and then `Save and Go Back`.
+- Click `Done` to conclude the group assignment process.
 
 <p>
-    <img src="/docs-static/img/how-to-guides/okta-scim-provisioning-settings.png" alt="high-level-dia" className="imagewrapper-big"/>
+    <img src="/docs-static/img/how-to-guides/okta-assign-users-by-group.png" alt="high-level-dia" className="imagewrapper-big"/>
 </p>
 
-- Click on `Test Connector Configuration` to verify if the SCIM configuration is working. After the test is completed,
-make sure `Create Users`, `Update User Attributes`, and `Push Groups` were successful.
-
+#### Step 5. Sync groups to NetBird
+- Access the `Push Groups` tab
 <p>
-    <img src="/docs-static/img/how-to-guides/okta-connector-configuration-test.png" alt="high-level-dia" className="imagewrapper-big"/>
+    <img src="/docs-static/img/how-to-guides/okta-push-groups.png" alt="high-level-dia" className="imagewrapper-big"/>
 </p>
 
-
-- Click `Save` and then click `Provisioning` tab
-
-<p>
-    <img src="/docs-static/img/how-to-guides/okta-scim-to-app-configuration.png" alt="high-level-dia" className="imagewrapper-big"/>
-</p>
-
-- Go to the `Provisioning` tab, and select the `To App` settings and click `Edit`
-- Enable `Create Users`, `Update User Attributes`, and `Deactivate Users` and click `Save`
-
-<p>
-    <img src="/docs-static/img/how-to-guides/okta-scim-to-app-sync-enabled.png" alt="high-level-dia" className="imagewrapper-big"/>
-</p>
-
-#### Step 4. Assign groups to application and push to NetBird
-
-This step will cover how to provision user sync using groups and push them to NetBird. If you are interested in managing single user
-access without using the groups, you can learn how to do it [here](https://help.okta.com/en-us/content/topics/users-groups-profiles/usgp-assign-apps.htm).
-
-- Go to the `Assignments` tab.
-
-<p>
-    <img src="/docs-static/img/how-to-guides/okta-groups-assignments.png" alt="high-level-dia" className="imagewrapper-big"/>
-</p>
-
-- Select the `Assign` and then click `Assign to Groups`
-- Select the groups you want to provision, and then select `Assign` and click `Save and Go Back`.
-- Select `Done` after you've finished assigning groups.
-
-At this point, all members of the groups assigned to the application will be synced to NetBird.
-
-- Go to the `Push Groups` tab
-
-<p>
-    <img src="/docs-static/img/how-to-guides/okta-sync-groups.png" alt="high-level-dia" className="imagewrapper-big"/>
-</p>
-
-- Select the `Push Groups` and then click `Find groups by name`
+- Select the `Push Groups` and then `Find groups by name`
 - Search groups to push and then click `Save`
-<p>
-    <img src="/docs-static/img/how-to-guides/okta-push-group-assignment.png" alt="high-level-dia" className="imagewrapper-big"/>
-</p>
-
 - The selected groups will then be synced to NetBird.
-<p>
-    <img src="/docs-static/img/how-to-guides/okta-group-push-status.png" alt="high-level-dia" className="imagewrapper-big"/>
-</p>
+
+<Note>
+    SCIM provisioning will manage only resources that are created through Okta. Any resources created directly in
+    NetBird will not be managed by SCIM.
+</Note>
+<Note>
+    Synced groups will only be available for membership and will not change the role of user in NetBird.
+</Note>