Create and configure a duplicate app instance

Okta provisioning can be enabled on a Single Sign-On (SSO) app integration without removing the SSO functionality.

To avoid changing your SSO-enabled app integration, you can create a second instance of the app integration with Okta provisioning enabled. The SSO-enabled app integration and the provisioning-enabled app integration are "linked" by shared user folders. This allows you to handle provisioning through the SSO-enabled app integration.

The provision-enabled app integration runs in the background and isn't accessible to users. Users can only access the SSO-enabled app integration. The provision-enabled app integration only handles user lifecycle management actions.

  1. In the Admin Console, go to ApplicationsApplications.
  2. Click Browse App Catalog.
  3. Enter the name of the app integration in the Search field, click the application tile, and click Add Integration. Make sure that the app integration has Okta verification, SAML authentication, and allows provisioning.
  4. In the Application label field, enter a name for the duplicate app integration.
  5. Complete the remaining fields and click Next.
  6. Complete the Sign on methods, Advanced Sign-on Settings, and Credentials Details sections, and then click Done.

    Ensure that the option you select in Application username format is the same format used in the app integration that you're duplicating.

  7. Click Done.

Next steps

Configure provisioning for an app integration