Okta Configuration


Twingate integrates with Okta in order to both synchronize user accounts and delegate user authentication to Okta. Only users that are assigned to the Okta Twingate application will be able to use Twingate and access private resources.

Twingate delegates the following functions to Okta via the Okta Twingate application:

  • User authentication via OpenID Connect
  • User and group synchronization via SCIM

When activating your Twingate account with Okta, you will need to set up an Authentication Policy with the credentials from the Okta Twingate application. You can configure what Okta sign in policies apply to users of the Twingate client application via this Okta Twingate application.

Steps to configure the Okta Twingate integration

  • Create and configure the Twingate application in the Okta Admin console
  • Complete and validate the integration configuration in the Twingate Admin console

Supported Features

Currently we support Service Provider Initiated (SP-Initiated) SSO via OpenID Connect (OIDC), and SCIM for user and group sync.


Okta OIDC integration is supported for Twingate customers on the Business and Enterprise tiers.

Setting up the Okta Twingate application

The first step is to activate the Twingate integration in Okta. See the steps below to complete this configuration.

-> Configure the Twingate Okta Application

Configuring SCIM for User & Group synchronization

Twingate uses the SCIM protocol to synchronize Okta users & groups. This synchronization must be configured separately in Okta following the steps below.

-> Configure SCIM synchronization

Last updated 3 months ago