Okta SCIM User & Group Sync Configuration
For an overview of the Okta configuration process, see this article.
If you would like to sync users and groups from Okta to Twingate, you need to set up SCIM. To do this, you must first set up the Twingate application from Okta’s Integration Catalog.
The following SCIM provisioning features are supported
- Create users in Twingate from Okta
- Update user attributes in Twingate from Okta
- Deactivate users in Twingate that have been deactivated in Okta or removed from the Okta Twingate app
- Group push from Okta to Twingate
Okta SCIM-based provisioning is supported for Twingate customers on the Business and Enterprise tiers.
Note that you don’t need to specify the SCIM endpoint in the Twingate Okta app as this was configured when you first installed the application.
“Test API Credentials” will succeed if the token is entered correctly.
Do not change SCIM Attribute Mappings.
Users who were previously assigned to the Okta Twingate app will immediately be synced to Twingate.
Only users that have already been assigned to the app, and thus provisioned to Twingate, will be added to the group membership correctly. To guarantee that all users from the group will sync correctly, you should assign the group to the app.
Last updated 2 months ago