Federation Broker Mode known limitations

The following are the known limitations of Federation Broker Mode:

• Federation Broker Mode is only available for custom SAML and OIDC app integrations. It's not supported for apps in the OIN or API Services integrations.
• Universal Logout doesn't work with custom SAML and OIDC apps if you've enabled Federation Broker Mode. Use explicit user assignments instead.
• Provisioning isn't enabled for the app integration when using this mode.
• Unsupported tabs, like Provisioning, Imports, Group Push, and Mobile, are hidden.
• Apps are available to users through Service Provider (SP)-initiated flows only.
• If an app was assigned before Federation Broker Mode was enabled, existing app data might be lost. Mappings from Okta to app user profiles remain and are rebuilt when the user signs in to the app.
• Apps don't appear on the Okta End-User Dashboard.
• The app Assignments tab no longer lists user assignments.
• Specific app assignment isn't possible.
• The Current Assignments and Recent Unassignments reports aren't available.