Efficient agent onboarding is critical for the success of modern contact centers, where staffing changes are frequent due to business needs, seasonal demands, and specialized skills. Automating agent provisioning can reduce errors, enhance security, and speed up the onboarding process. This integration enables automatic agent provisioning, ensuring accuracy, compliance, and streamlined onboarding through an architecture that leverages Okta Web Hooks, AWS Lambda, Amazon API Gateway and Amazon Connect.
- An agent is added to the Amazon Connect group in Okta.
- Adding the agent to the Amazon Connect Agents group triggers an Event Hook in Okta, sending the agent details to the Amazon API Gateway.
- Amazon API Gateway calls the AWS Lambda function to process the request.
- The Lambda function uses the agent details to create the agent in Amazon Connect using CreateUser API.
- Configure Single Sign-On for Amazon Connect Using Okta
- Before you begin CDK deployment, ensure you have the following IDs ready: Amazon Connect Instance ID, Security Profile ID, and Routing Profile ID.
- Run the following commands to start the CDK deployment:

```
git clone https://github.com/aws-samples/amazon-connect-user-provision-with-okta.git
cd amazon-connect-user-provision-with-okta
chmod a+x bootstrap.sh start.sh cleanup.sh
./bootstrap.sh
./start.sh
```

Copy the OktaConnectorStack.ApiUrl value from the final output after the execution completes. This URL will act as the endpoint for your Okta Event Hook.
- Log in to the Okta Admin Console. Access your Okta Admin Console dashboard using your admin credentials.
- Navigate to the Groups menu. Go to the Directory section and click on the Groups menu.
- Create a new group. Click the Add Group button. In the form that appears, enter a Name: Amazon Connect Agents. Optionally, add a Description. Click Save to create the group.
- Navigate to Groups and click on the newly created Amazon Connect Agents group.
- Assign the Amazon Connect application. Click the Assign Applications button, then select Amazon Connect from the list of available applications.
- During assignment, select the Okta_Role option. Click Save and Go Back to complete the process.
- Navigate to the Settings menu. Go to the Features menu and enable Event Hook Filtering.
- Navigate to the Workflow menu. Go to the Event Hooks section and click Create Event Hook.

- Complete these fields:
  - Endpoint URL: Enter the endpoint URL (the OktaConnectorStack.ApiUrl output that was provided during CDK deployment).
  - Event Hook name: Enter a unique name for the event hook.
  - Description: Enter the purpose and a description of the event hook.
  - Select Events: Select the User added to group option from the dropdown menu.
- Click Save & Continue.
- Select the Apply Filter option, then click on the Use Okta Expression Language (Advanced) link.
- Next, paste the following expression into the provided field and click Save:

```
event.target.?[type eq 'UserGroup' && displayName eq 'Amazon Connect Agents'].size()> 0
```

- To activate the hook, verify endpoint ownership by clicking the Verify button. You should receive a successful verification message.
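
The endpoint behind the Event Hook is reachable from the internet, so the receiving function should answer Okta's one-time verification request, authenticate every delivery, and re-check the group filter before creating anyone. The following is an added example, not the code in the aws-samples repository. It assumes an API Gateway REST proxy event, an Authorization header secret configured on the hook in Okta, and the hypothetical names `handle`, `agents_to_provision`, `sample_event` and `create_user` (a callable that would wrap the Amazon Connect CreateUser call).

```python
import hmac
import json

GROUP_NAME = "Amazon Connect Agents"      # group name used on this page
EVENT_TYPE = "group.user_membership.add"  # Okta's "User added to group" event

def agents_to_provision(body):
    """Return the Okta logins of users added to GROUP_NAME in one hook delivery."""
    logins = []
    for ev in (body.get("data") or {}).get("events") or []:
        targets = ev.get("target") or []
        in_group = any(t.get("type") == "UserGroup" and
                       t.get("displayName") == GROUP_NAME for t in targets)
        # Re-check type and group here: the Okta-side filter is not a trust boundary.
        if ev.get("eventType") == EVENT_TYPE and in_group:
            logins += [t["alternateId"] for t in targets
                       if t.get("type") == "User" and t.get("alternateId")]
    return logins

def handle(event, secret, create_user):
    """event: API Gateway proxy event (assumed shape); create_user: hypothetical callable."""
    headers = {k.lower(): v for k, v in (event.get("headers") or {}).items()}
    if event.get("httpMethod") == "GET":
        # One-time endpoint verification: echo Okta's challenge value back as JSON.
        challenge = headers.get("x-okta-verification-challenge")
        if not challenge:
            return {"statusCode": 400, "body": ""}
        return {"statusCode": 200, "body": json.dumps({"verification": challenge})}
    supplied = headers.get("authorization") or ""
    if not hmac.compare_digest(supplied.encode(), secret.encode()):
        return {"statusCode": 401, "body": ""}  # unauthenticated caller: create nothing
    try:
        logins = agents_to_provision(json.loads(event.get("body") or "{}"))
    except (ValueError, AttributeError, TypeError):
        return {"statusCode": 400, "body": ""}  # malformed JSON or unexpected shape
    for login in logins:
        create_user(login)
    return {"statusCode": 200, "body": json.dumps({"provisioned": logins})}

# Constructed sample delivery (not captured from a real tenant).
def sample_event(group, auth):
    ev = {"eventType": EVENT_TYPE, "target": [
        {"type": "User", "alternateId": "agent1@example.com"},
        {"type": "UserGroup", "displayName": group}]}
    return {"httpMethod": "POST", "headers": {"Authorization": auth},
            "body": json.dumps({"data": {"events": [ev]}})}
```

The shared secret would be read from a secret store at runtime rather than hard-coded, and `create_user` should treat a user that already exists as a no-op so that a redelivered event does not fail.
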
- Log in to the Okta Admin Console. Access your Okta Admin Console dashboard using your admin credentials.
- Navigate to the People menu. Go to the Directory section and click on the People menu.
- Click the Add Person button, complete the Add Person form, and then click Save.
- Navigate to the Groups menu. Go to the Directory section and click on the Groups menu.
- Select the Amazon Connect Agents group and click on the Assign people button. Select the user you just created by clicking on the + sign.
- Log in to your Amazon Connect instance.
- In the left-hand navigation pane, go to Users and select User Management. You should now see that the agent created in Okta has been automatically provisioned in Amazon Connect.
- In your terminal, move into the root directory: `cd amazon-connect-user-provision-with-okta`
- Run the `./cleanup.sh` command.
- Optionally, remove the Web Hook from Okta.
- Amazon Connect Boto3 documentation (Python)
- Amazon Connect API reference
- Configure Single Sign-On for Amazon Connect Using Okta
- Okta Automations and hooks - Event hooks
If you encounter a bug, please create a new issue with as much detail as possible and steps for reproducing the bug. See the Contributing Guidelines for more details.
See CONTRIBUTING for more information.
This library is licensed under the MIT-0 License. See the LICENSE file.


