<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D54z00009hYRdKCAWOkta Classic EngineAdministrationAnswered2025-09-13T09:01:51.000Z2023-09-28T13:35:34.000Z2023-10-18T15:34:46.000Z

AdamH.05926 (Customer) asked a question.

September 28, 2023 at 1:35 PM
Is it possible to push all push groups at one time?

We are using group push to populate groups inside of Servicenow. These groups are not the ones used to assign the application.

We are having issues with the group push not occurring in a timely manner. A user might be removed from a push group a week ago, but the group push shows the last push for that group was a month ago. If I manually push the group it then updates correctly in Servicenow.

We have large number of push groups and it is time consuming to manually push each one. I do not see any option to Push All at once. IS this possible somehow? Possibly via an API call?

  • 5 answers
  • 1.39K views

  • MatthewH.10249 (State of Iowa)

    I've not found any such functionality to push all push groups at once. I found the following post where the idea of an API was brought up. Push Group API #119162 is in "Product Review" state.

    https://support.okta.com/help/s/question/0D54z00006wp2XpCAI/set-up-provisioning-and-push-groups-via-api?language=en_US

     

    My organization uses push groups to ServiceNow and we ran into issues when we tried to use the "by rule" and was told ServiceNow had not fully implemented push groups to leverage "by rule" so we had to use "by name". We have not had any issues since and it has been a couple years since we did this. I don't recall exactly what the issue was but if you are using "by rule" push groups to ServiceNow perhaps it is related.

    Expand Post
    Selected as Best

  • MatthewH.10249 (State of Iowa)

    I've not found any such functionality to push all push groups at once. I found the following post where the idea of an API was brought up. Push Group API #119162 is in "Product Review" state.

    https://support.okta.com/help/s/question/0D54z00006wp2XpCAI/set-up-provisioning-and-push-groups-via-api?language=en_US

     

    My organization uses push groups to ServiceNow and we ran into issues when we tried to use the "by rule" and was told ServiceNow had not fully implemented push groups to leverage "by rule" so we had to use "by name". We have not had any issues since and it has been a couple years since we did this. I don't recall exactly what the issue was but if you are using "by rule" push groups to ServiceNow perhaps it is related.

    Expand Post
    Selected as Best

  • AdamH.05926 (Customer)

    We aren't using the "By Rule" option. Our issue is that the group push doesn't keep the groups in Servicenow in sync. It's almost like Okta isn't seeing the change to the group we are using so it doesn't trigger a push to Servicenow.

     

    I'm not really sure what triggers a push from Okta. Is it a user update or group membership update?

    Expand Post

    • MatthewH.10249 (State of Iowa)

      I was under the impression it is group membership (add/remove) that triggers the push from Okta.

       

      If you are making group membership changes in ServiceNow manually to groups that were created via Push Group then that might cause sync issues. The following comment is made in the "About Push Groups" documentation; "Making changes to the group in the target app causes synchronization issues with Okta."

      https://help.okta.com/en-us/content/topics/users-groups-profiles/usgp-about-group-push.htm

       

      I'm glad you pointed out your push groups were not groups used for app assignment as that can cause issues as well.

      Expand Post

  • AdamH.05926 (Customer)

    I don't really have any way to verify if Servicenow admins are making changes to the groups.

     

    I can see some of our groups haven't pushed to Servicenow in months, despite changes. When you have hundreds of groups being pushed having to manually figure out which ones are out of date and manually telling it to push is very difficult to maintain.

     

    Even just having an option to export the group pushes with their last dates would be beneficial.

    Expand Post

  • a0n5s (a0n5s)

    My client encountered that the changes in AD group were not synchronized to okta in time, and it took several days to synchronize. Later, the logs of the AD Agent have been overwritten, and we cannot find the cause, so we can only wait for the next time.

This question is closed.
Loading
Is it possible to push all push groups at one time?