Create and configure a duplicate app instance
Okta provisioning can be enabled on a Single Sign-On (SSO) app integration without breaking the SSO functionality.
However, if you would rather not make any changes to your SSO-enabled app integration, you can create a second instance of the app integration, but with Okta provisioning enabled. The SSO-enabled app integration and the provisioning-enabled app integration are "linked" through the use of common user folders. This allows provisioning to be handled through the SSO-enabled app integration.
The provision-enabled app integration runs in the background and is not accessible to end users. End users only have access to the SSO-enabled app integration from their catalog. The provision-enabled app integration only handles user lifecycle management actions.
- In the Admin Console, go to Applications > Applications.
- Click Add Application.
- Enter the name of the app integration in the Search for an application field and click Add next to the app integration you want to add. The app integration should have Okta verification, SAML authentication, and allow provisioning.
- In the Application label field, enter a name for the duplicate app integration.
- Complete the remaining fields and click Next.
- Complete the SIGN ON METHODS, ADVANCED SIGN-ON SETTINGS, and CREDENTIALS DETAILS sections and click Done.
Make sure the option you select in the Application username format list is the same format used in the app integration you are duplicating.
- Click Done.