Okta Org2Org supported features
This table lists the features and functionality available with an Okta Org2Org integration.
- Okta can't source users by Org2Org and Active Directory (AD) at the same time.
- Push password updates don't apply to users with the Federated provider type.
-
The Org2Org integration isn't available in Okta Developer Edition orgs. If you need to test this feature in your Developer Edition org, contact your Okta account team.
Feature |
Description |
---|---|
Import new users |
Users created in the connected org can be imported into Okta. |
Import profile updates |
Updates made to a user's profile in the connected org are downloaded and applied to the Okta user profile. |
Import user schema |
Imports more user attributes from the connected org. This is also known as schema discovery. |
Push new users |
Users created in Okta are also created in the connected org. |
Push password updates |
User password updates made in Okta are pushed to the connected org. This doesn't apply to federated users (for example, users from an external IdP in the source org or users provisioned through JIT). |
Push profile updates |
Updates made to the Okta user profile are pushed to the connected org. |
Push User Deactivation |
Deactivating a user or disabling app access in Okta removes all user data and the user account in the connected org. When a user is suspended, their data isn't removed and they can't access the app. |
Reactivate users |
User accounts can be reactivated in the connected org. When a user account is suspended in the downstream org (hub), and deactivated in the upstream org (spoke), a reactivate user action in the spoke results in the user being reactivated in both spoke and hub. |
Push groups |
Groups and their members can be pushed to the connected org. See Group Push. |
Profile sourcing |
Makes the connected org the profile source. |