Provision users from EAA

If you are using ​Akamai​ Enterprise Application Access (EAA) identity provider, you can import user accounts from EAA. With automatic provisioning, you can synchronize users' access privileges from your EAA directories to the ​Akamai MFA​ user directory. When the provisioning process is completed, you can then email and invite users to the ​Akamai MFA​ service.
See the EAA guide to learn more.

Prerequisites

  • You must have both Enterprise Application Access and ​Akamai MFA​ on the same contract.

  • If you want to send an enrollment email to users provisioned from your MFA directory, make sure each user in this directory has a valid email address. Users who don't have the email attribute field populated in their MFA user profile won't receive the enrollment email.

How to

  1. In the Enterprise Center navigation menu, select Multi-factor Authentication > Identity & Users > User Provisioning.

  2. Click Add Provisioning (+).

  3. On the User Provisioning page, select EAA provisioning and enter its unique name.

📘

EAA user provisioning is only available if you have Enterprise Application Access on your contract and if you haven't created the EAA user provisioning before.

  1. Click Save and Deploy

  2. On the SCIM provisioning configuration page, scroll down to Directories and click the Associate (clip) icon.

    The list of your existing EAA directories opens.

  3. Select directories you wish to provision and click Associate.

  4. Now, for each directory, select groups for which you want to enable ​Akamai MFA​. Click the Associate (clip) icon.

  5. Click Sync to run the directory synchronization.

📘

The automatic synchronization takes place every six hours. If you want to provision user accounts immediately, you have to sync the changes manually.

On the provisioning configuration page, you can also enable this setting:

  1. Send enrollment emails. Toggle on to send the enrollment emails to the new users whose accounts were synced up with ​Akamai MFA​. With this setting, new users receive an email with the enrollment link that lets them register their trusted device in the ​Akamai MFA​ service for authentication purposes.

  2. Click Save & Deploy.

  3. To update your synced directories or groups after the initial user provisioning, follow these steps:

    1. To add or delete a directory, navigate to Directories and click the Associate (clip) icon.
      The list of the configured directories opens.
    2. Select directories that you want to add or delete, and click the Associate (clip) icon.
    3. To add or delete a group, navigate to the directory that you want to edit, and click the Associate (clip) icon.
      The list of all groups belonging to this directory opens.
    4. Select groups that you want to add or delete, and click the Associate (clip) icon.
    5. Click Save and Deploy.

    This overwrites and saves the latest changes to your ​Akamai MFA​ directory.
    You can perform this task any time you have to update your existing groups and directories.


Did this page help you?