In what cases is it possible to manage the ServiceNow role-assignment automatically from Okta?
This is about a situation where:
Okta is integrated with an AD and also with ServiceNow (through SAML)
Provisioning is enabled for the ServiceNow integration
Users were already assigned to groups in ServiceNow before the integration was set up
The goals are:
Maintain ServiceNow roles by assigning them to groups rather than individuals
Make sure users can retain the ServiceNow roles that they have currently
Automatically grant specific users some specific role(s) in ServiceNow
Especially the last point is important, and based on that we want users to be automatically assigned to groups (which have specific roles) based on some automated process.
However when I imported the groups and users from ServiceNow, I noticed that the groups were imported as empty and that I was not able to assign any users into them (Okta says that this is because it is managing the groups).
Is it possible to configure Okta to automatically assign users to specific ServiceNow groups? What Okta functionality can I use for this in this particular situation?
In order to get the users assigned to a group in ServiceNow you will need to configure Push Groups under the ServiceNow application settings in the Okta Admin console. Additional mappings for the AD groups would need to be considered, in which case I would suggest looking for the deploment and setup guides by logging into the Okta support site with your Okta Admin credentials.