Import users to Office 365 using Microsoft Graph API

You can import users from different source directories into Okta and provision them in Office 365 using Microsoft Graph API.

Before you begin

Complete Configure Single Sign-On for Office 365.

Start this task

To import users using the Microsoft Graph API, complete the following steps:

Enable API integration and provide Microsoft admin consent

If you've already set up Okta to Office 365 provisioning and provided Microsoft admin consent, you can skip this procedure and start importing from Microsoft Office 365.

You can automate provisioning tasks by enabling API integration and granting admin consent. Office 365 requires a token to authenticate against the Microsoft API. This allows Okta to implement provisioning in Office 365.

  1. Go to Office 365ProvisioningAPI IntegrationConfigure API Integration.
  2. Check Enable API Integration.
  3. Enter Admin Username and Admin Password.

  4. Click Authenticate with Microsoft Office 365. You're redirected to the Microsoft account sign-in page.

  5. On the Microsoft account sign-in page, do the following:

    1. Sign in to Microsoft as a Global Administrator for your Microsoft tenant.

    2. Read and accept the instructions that are listed on the Okta Microsoft Graph Client page.

  6. To import groups now, check Import Groups.

    You can import groups later after finishing provisioning. See Skip importing groups during Office 365 user provisioning.

  7. Click Test API Credentials.
  8. Save the credentials once they're verified successfully. You can now go to the Imports tab and start importing from Microsoft Office 365.