Okta Org2Org supported features
This table lists the features and functionality available with a Okta Org2Org integration.
- Users can't be sourced by Org2Org and AD at the same time.
- Push password updates don't apply to users with a provider type of Federated.
|
Feature |
Description |
|---|---|
|
Import new users |
Users created in the connected org can be imported into Okta. |
|
Import profile updates |
Updates made to a user's profile in the connected org are downloaded and applied to the Okta user profile. |
|
Import user schema |
Imports more user attributes from the connected org. Also known as schema discovery. |
|
Push new users |
Users created in Okta are also created in the connected org. |
|
Push password updates |
User password updates made in Okta are pushed to the connected org. Doesn't apply to federated users (for example, users from an external IdP in the source org or users provisioned through JIT). |
|
Push profile updates |
Updates made to the Okta user profile are pushed to the connected org. |
|
Push User Deactivation |
Deactivating a user or disabling application access in Okta removes all user data and the user account in the connected org. When a user is suspended, their data isn't removed and they can't access the application. |
|
Reactivate users |
User accounts can be reactivated in the connected org. When a user account is suspended in the downstream Org (Hub), and deactivated in the upstream Org (Spoke), a reactivate user action in the Spoke will result in user being reactivated in both Spoke and Hub. |
|
Push groups |
Groups and their members can be pushed to the connected org. See About Group Push. |
|
Profile sourcing |
Makes the connected org the profile source. |