Okta Org2Org supported features
This table lists the features and functionality available with an Okta Org2Org integration.
- Okta can't source users by Org2Org and Active Directory (AD) at the same time.
- Push password updates don't apply to users with the
Federatedprovider type. - The Org2Org integration isn't available in Okta Integrator Free Plan orgs. If you need to test this feature in your Okta Integrator Free Plan org, contact your Okta account team.
|
Feature |
Description |
|---|---|
|
Import new users |
Users created in the connected org can be imported into Okta. |
|
Import profile updates |
Updates made to a user's profile in the connected org are downloaded and applied to the Okta user profile. |
|
Import user schema |
Imports more user attributes from the connected org. This is also known as schema discovery. |
|
Push new users |
Users created in Okta are also created in the connected org. |
|
Push password updates |
User password updates made in Okta are pushed to the connected org. Note:
This doesn't apply to federated users (for example, users from an external IdP in the source org or users provisioned through JIT). |
|
Push profile updates |
Updates made to the Okta user profile are pushed to the connected org. |
|
Push user deactivation |
Deactivating a user or disabling app access in Okta removes all user data and the user account in the connected org. When a user is suspended, their data isn't removed and they can't access the app. |
|
Reactivate users |
User accounts can be reactivated in the connected org. When a user account is suspended in the downstream org (hub), and deactivated in the upstream org (spoke), a reactivate user action in the spoke results in the user being reactivated in both spoke and hub. |
|
Push groups |
Groups and their members can be pushed to the connected org. See About Group Push. |
|
Profile sourcing |
Makes the connected org the profile source. |