We don't have Windows AD and we have Office 365, is it possible to select which users to be federated?
The reason for this is that we have 2 groups of users: 1. Staffs - we like to implement SSO and provisioning with Okta for Office 365. 2. Clients and contractors that only use SharePoint Online, we like them to login to Office 365 directly; we can manage their accounts in Office 365 admin portal.
Both groups of users uses the same domain in Office365.
in office 365 you are configuring a domain to be delegated (not the users).
So you could accomplish this by configuring the different user account persona's within a different domain (not the AD domain type, just domain name). they would have to be a different domain and not a subdomain as the subdomains inheirit the authentication type of their parent domain.
I think what you want is technically possible but is likely more involved than just changing the authenitcaiton type for a subset of users.