This article explains how to establish an OIDC connection between Okta and Zscaler. The connection uses Okta as an OpenID Provider (OP) for ZIdentity, providing SSO to various Zscaler services for admin access management and user authentication. The OIN-based integration uses SCIM-based provisioning.
- OpenID Connect (OIDC)
- ZIdentity Version 2.1.151-8d3b140-8808-UI-1694502295
- Administrator login credentials to ZIdentity
- Okta Identity Engine
- SCIM support, which requires Okta Lifecycle Management (LCM) SKU
- Administrator login credentials to Okta
Before beginning
Make sure to have the following:
- An Okta org that has the SCIM Provisioning feature enabled. This feature is tied to the Lifecycle Management SKU. If it is not enabled, please reach out to the designated Okta Account Executive or to Okta Support in order to enable it.
- An Okta org that has "API Access Management" enabled for access to Custom Authorization Servers.
- A Zscaler account with access to the ZIdentity management portal.
Detailed instructions for integrating Zscaler with Okta are available in the ZSCALER AND OKTA DEPLOYMENT GUIDE, on page 18, in the section "Configure ZIdentity Identity Provider with Okta as OP".
