About Profile Masters

A profile masterA profile master is an application (usually a directory service such as Active Directory, or human capital management system such as Workday) that acts as a source of truth for user profile attributes. A user can only be mastered by a single application or directory at any one time. For more details, see Using the Okta People Page. is an application (a directory service like Active Directory or LDAP, or an HR-management appAn abbreviation of application. Essentially, it is a web-based site used to perform any number of specific tasks, and requires authentication from end users by signing in. such as Workday) that can act as the "source of truth" for user identities. Once enabled from the app or directory's Provisioning tab, it appears in the list of profile masters on the Profile Masters page. Without the inclusion of any external profile “master”, all profiles are mastered by Okta.

Currently, if more than one profile master exists on the Profile Masters page, they can be prioritized so that end usersIn Okta literature, we generally refer to "end users" as the people who have their own Okta home page (My Applications), using chiclets to authenticate into all of their apps. End users do not have any administrative control. When we refer to "users" we are generally referring to the individual(s) who have administrative control. can be mastered by different systems, based on their assignments. At any given time, there can only be one profile master that masters a user's entire profile.

Profile masters are powerful tools that can potentially manage the entire life cycle (creation, updates, and deactivation) of an Okta user. Admins leveraging Workday, for example, can allow Okta to receive user creation, updates, and termination events from Workday.

Okta is periodically adding profile master capabilities to an expanding number of apps and directories. The following apps and directories are among those available for profile mastering:

This is an Early AccessEarly Access (EA) features are opt-in features that you can try out in your org by asking Okta Support to enable them. Additionally, the Features page in the Okta Admin Console (Settings > Features) allows Super Admins to enable and disable some EA features themselves. feature. To enable it, please contact Okta Support.