Typical workflow for adding provisioning to an existing app integration

If you want to add provisioning to an existing Single Sign-On (SSO) SAML or OIDC app integration, it can be as simple as enabling the feature and configuring the provisioning feature settings.

However, if you want to test provisioning features or silently provision users using a new app integration, an alternative solution is to create a duplicate instance of the app integration in your Okta org and then grant your users access to this second instance of the provisioning app integration.

This table outlines the tasks needed to set up a cloud-based provisioning app integration and to configure it to work for your existing Okta org.

Task

Description

(Optional) Create and configure a duplicate app instance Create a second, separate instance of an app integration intended only for Okta provisioning
Configure provisioning for an app integration Configure your provisioning app integration to manage the user lifecycle between Okta and the application

Provision unprovisioned users

Manually add provisioning to any user accounts present before the Okta provisioning was active

Assign app integrations

Grant access to app integrations to your defined users or groups