This deployment guide explains how to integrate Okta with Microsoft SharePoint (On-Premise). This includes instructions about how to configure Okta as a claims provider in SharePoint, deploy Okta People Picker for SharePoint agent, and uninstall the Okta authentication.


  • Install a supported version of Microsoft SharePoint:

    • SharePoint Foundation 2010
    • SharePoint Server 2010
    • SharePoint Foundation 2013
    • SharePoint Server 2013
    • SharePoint Server 2016
    Important Note


    Microsoft is ending support for SharePoint 2010. See Microsoft website for more information.

  • Run the prerequisites from the SharePoint installer.
  • Fulfill hardware requirements.
  • Fulfill version-specific requirements:

    Version Requirements
    SharePoint People Picker (versions before Install .NET Framework 3.5+
    SharePoint People Picker version Ensure TLS 1.2 is supported by your server.
    SharePoint 2010 Install .NET Framework 3.5 and one of the patches provided here.
    SharePoint 2013 or 2016

    Install .NET Framework 4.5+, which supports TLS 1.2.


    Install .NET Framework 3.5+ and one of the patches provided here.

  • A valid API token for the Okta People Picker plugin to read users and groups from Okta. See API.



    The API token is only visible upon creation and cannot be retrieved later. If the token is lost, it must be revoked, regenerated, and reconfigured in the People Picker configuration.



  1. Add SharePoint (On-Premise) in Okta
  2. Configure Okta as Claims Provider in SharePoint (On-Premise)
  3. Configure Okta SharePoint People Picker agent
  4. Deploy Okta People Picker for SharePoint agent
  5. Uninstall Okta People Picker and Okta Authentication



  1. For SharePoint 2010 only: Import security certificate to Trusted Root Certificate Authority
  2. Troubleshooting: Microsoft SharePoint On-Premise
  3. Frequently Asked Questions: Microsoft SharePoint On-Premise