RajiS.34215 (Customer) asked a question.
As I understand, when the integration (in this case Okta) hits the SCIM 2.0 server's endpoints (eg /Users), it will send a bearer token corresponding to the OAuth Bearer Token specified in Provisioning -> Integration (if I'm not wrong this is usually the IdP's API token key). My application is multitenant i.e, a customer can have multiple accounts in our Saas application.
As understand from SCIM RFC, a tenant information can be identified from the token.
Is it possible to have multiple provisioning jobs (/integrations) configured, with each integration pointing to a separate account in our SaaS application.
For example, in my dev account 123456, can I add multiple integrations of one app with different bearer token?
Hi @RajiS.34215 (Customer) , Thank you for reaching out to the Okta Community!
I think we discussed something similar here:
https://support.okta.com/help/s/question/0D54z000084mxKJCAY/how-to-support-scim-multitenant-feature-through-okta?language=en_US
In essence multiple tenants should be supported as long as you set up an app instance for each.
Although it was not SCIM, I've seen implementations with multiple O365 app instances that handled multiple Microsoft Tenants.
If my answer helped, remember to mark it as best to increase its visibility for other members of the Okta Community who might have the same questions as you.
Hope my answer helps!
--------------------------------
The Okta Community Catalysts Program is now live. Collect online badges when you participate in the Okta Help Center Questions community. Learn more here.