<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D54z0000AIbZk0CQFOkta Classic EngineIntegrationsAnswered2024-12-11T17:12:57.000Z2024-12-10T15:02:29.000Z2024-12-11T17:12:56.000Z

RadhikaB.15132 (Customer) asked a question.

December 10, 2024 at 3:02 PM
Understanding details about SCIM integration in app

Hi team,

We are trying to add SCIM integration to our app. We want to be able to use the same app so that the admins do not have to assign the app to their users again. I have a few questions related to it -

  1. Is there a way to pull data from Okta to our system when integrating SCIM, to backfill our data.
  2. In case we cannot pull it, Is there a way to migrate the users/groups assignment to a new app automatically from an older app?
  3. Is there a way to add the SCIM integration to the same app? Currently I do not see the "Provisioning Tab"
  • 2 answers
  • 218 views

  • MatthewH.10249 (State of Iowa)

    You application implements the SCIM endpoints and the Okta app you create calls those endpoints when someone is assigned or unassigned from the app in Okta or user profile data is updated or the Okta account id deactivated or deleted. What your app does for each of these events is totally up to your code.

     

    1. When someone is assigned to the Okta app it triggers the create account SCIM endpoint your code could then look and see if that user already exists in your data and link up if it does to do the backfill you want. Here is documentation from Okta on how SCIM works --> https://developer.okta.com/docs/concepts/scim/
    2. If you are talking about groups in Okta you could implement Group Push leveraging old groups in the new Okta app. https://help.okta.com/en-us/content/topics/users-groups-profiles/usgp-about-group-push.htm
    3. Here is a link to how to add SCIM provisioning to app integrations --> https://help.okta.com/en-us/content/topics/apps/apps_app_integration_wizard_scim.htm

     

    We have some Okta app integrations were we have SCIM configured in it along with authentication settings (OIDC/SAML) and some where we split the SCIM into a separate app integration away from authentication integration. We do this when the Okta OIN app template does not have an option to configure SCIM or when we want to assign somewhat different sets of users for authentication needs vs SCIM needs which is rare. If we want to configure just SCIM as a standalone integration in Okta we typically would use the SAML 2.0 app instance and not configure the authentication settings.

    Expand Post

  • Mihai N. (Okta, Inc.)

    Hi @RadhikaB.15132 (Customer)​ , Thank you for reaching out to the Okta Community! 

     

    The following article goes of the SCIM options: 

    https://developer.okta.com/docs/concepts/scim/

     

    As for question no.3, if you set up a custom app using the Okta Application Integration Wizard, check first under the app's General tab to see if provisioning is enabled there. Once you enable SCIM, the Provisioning tab should show up:

    Sign 

    For an a more details discussion on SCIM provisioning, I recommend reaching out to our dedicated Okta Developer Forum via devforum.okta.com to take advantage of their expertise.

    While we'll do our best to answer all of your questions here, this medium is more inclined towards Okta core products and features (non-custom/developer work). 

     

     

     

    If my answer helped, remember to mark it as best to increase its visibility for other members of the Okta Community who might have the same questions as you. 

     

    Hope my answer helps! 

     

    --

    Ask Us Anything about Okta FastPass - now thru December 11th.

    Expand Post
This question is closed.
Loading
Understanding details about SCIM integration in app