Enable Salesforce provisioning

To allow user and group data to be shared between Okta and Salesforce, you need to configure the provisioning settings. You'll need the Salesforce account username and password and the token to configure the provisioning settings. In future, if you reset the account password, Salesforce provides you with a new token and you'll need to edit the Salesforce provisioning settings.

  1. Create an administrator account in Salesforce.

  2. On the Okta AdminAn abbreviation of administrator. This is the individual(s) who have access to the Okta Administrator Dashboard. They control the provisioning and deprovisioning of end users, the assigning of apps, the resetting of passwords, and the overall end user experience. Only administrators have the Administration button on the upper right side of the My Applications page. Console, click Applications.

  3. In the search field, enter Salesforce and click Salesforce.com.
  4. Click the ProvisioningProvisioning is the enterprise-wide configuration, deployment, and management of multiple types of IT system resources. Specifically, provisioning provides users access to equipment, software, or services. This involves creating, maintaining and deactivating required business process automation objects and attributes in systems, directories, and applications. tab and click Configure API Integration.
  5. Select the Enable API integration check box.

  6. Complete the Username and Password + Token fields. Do not add spaces or other characters between the password and token.

    Important Note


    • To avoid breaking the integration when the password is reset, use a dedicated API account for connecting Okta to Salesforce.
    • Do not enable delegated authentication in Salesforce for the API user specified here.
  7. Optional. Select the Allow Pushing Null Values check box to allow null values to be pushed from Salesforce to Okta.

  8. Optional. Click Test API Credentials to test the API integration.
  9. Click Save.

  10. Optional. To edit the Okta to Salesforce provisioning settings, select To AppAn abbreviation of application. Essentially, it is a web-based site used to perform any number of specific tasks, and requires authentication from end users by signing in. in the SETTINGS list and then click Edit.
  11. Click Save.
  12. Optional. To edit the Salesforce to Okta provisioning settings, select To Okta in the SETTINGS list and then click Edit.

  13. Click Save.

  14. Assign users to Salesforce. See Assign and unassign apps to users.