Provisioning options for Office 365
This topic explains different provisioning options available for an Office 365 app instance in Okta.
| Operations supported | Provisioning options | |||
|---|---|---|---|---|
| Licenses and Roles Management Only | Profile Sync | User Sync | Universal Sync1 | |
| Provision Users | ||||
| Push licenses and roles | Y | Y | Y | Y |
| Create user | N | Y | Y | Y |
| Deactivate user | Y | Y | Y | Y |
| Edit user directly from within Office 365 | Y2 | Y | N3 | N4 |
| Sync profile attributes5 | ||||
| Sync basic user profile attributes | N | Y | Y | Y |
| Sync limited number of extended attributes in addition to the basic attributes | N | N | Y | Y |
| Sync all extended attributes | N | N | N | Y |
| Sync AD groups and resources6 | ||||
| Sync security groups | N | N | N | Y |
| Sync contacts | N | N | N | Y |
| Sync distribution lists | N | N | N | Y |
| Sync resource mailboxes | N | N | N | Y |
- User Sync and Universal Sync cannot be used with Directory Synchronization, Azure Active Directory Sync, or Azure Active Directory Connect.
- Once you select User Sync or Universal Sync, you cannot modify your selection back to Profile Sync, except if your org has the AAD graph API feature enabled.
- Exchange Hybrid is currently not supported.