Create and configure a duplicate app instance

Okta provisioning can be enabled on a Single Sign-On (SSO) app integration without removing the SSO functionality.

To avoid making changes to your SSO-enabled app integration, you can create a second instance of the app integration, but with Okta provisioning enabled. The SSO-enabled app integration and the provisioning-enabled app integration are "linked" through the use of shared user folders. This allows provisioning to be handled through the SSO-enabled app integration.

The provision-enabled app integration runs in the background and is not accessible to users. Users can only access the SSO-enabled app integration. The provision-enabled app integration only handles user lifecycle management actions.

  1. In the Admin Console, go to Applications > Applications.
  2. Click Browse App Catalog.
  3. Enter the name of the app integration in the Search field, click the application tile, and click Add. The app integration should have Okta verification, SAML authentication, and allow provisioning.
  4. In the Application label field, enter a name for the duplicate app integration.
  5. Complete the remaining fields and click Next.
  6. Complete the SIGN ON METHODS, ADVANCED SIGN-ON SETTINGS, and CREDENTIALS DETAILS sections and click Done.

    Make sure the option you select in the Application username format list is the same format used in the app integration you are duplicating.

  7. Click Done.

Next steps

Configure provisioning for an app integration