Configure SCIM with Okta

Configure and verify AuthOS SCIM provisioning from Okta

AuthOS release 0.8.2 TypeScript SDK 0.8.0 Latest-only documentation
Updated Jul 15, 2026 Edit this page
On this page

This Beta recipe reflects the documented provider flow but is not evidence of certification or interoperability with every provider release. Test it in a non-production tenant before rollout.

Okta Integration

1. Create SCIM Token

Follow Step 1 above to generate a SCIM token.

2. Configure Okta Application

  1. Log into Okta Admin Console
  2. Navigate to Applications → Select your application
  3. Click the Provisioning tab
  4. Click Configure API Integration

3. SCIM Connection Settings

Configure the following settings:

Field Value
SCIM Base URL https://auth.example.com/scim/v2
Unique Identifier userName
Authentication Mode HTTP Header
Authorization Header Bearer scim_live_your_token

4. Test Connection

Click Test API Credentials to verify the connection.

Expected Result: “Credentials verified successfully”

If the test fails:

  • Verify the SCIM base URL is correct and accessible
  • Check that the token was copied completely (no extra spaces)
  • Ensure the token hasn’t expired
  • Confirm HTTPS is used (HTTP will fail)

5. Enable Provisioning Features

In ProvisioningTo App, enable:

  • Create Users: Automatically create users in AuthOS
  • Update User Attributes: Sync profile changes
  • Deactivate Users: Deactivate users when suspended in Okta

6. Configure Attribute Mappings

Navigate to ProvisioningTo AppAttribute Mappings

Recommended mappings:

Okta Attribute AuthOS Attribute
email userName
email emails[0].value
displayName displayName
firstName name.givenName
lastName name.familyName

7. Assign Users and Groups

  1. Go to Assignments tab
  2. Click AssignAssign to People or Assign to Groups
  3. Select users/groups to provision
  4. Click Assign

Okta will immediately start provisioning the assigned users to AuthOS.

8. Verify Provisioning

Check AuthOS to confirm users were created:

// List users in the organization
const users = await sso.organizations.listUsers('acme-corp');
console.log('Provisioned users:', users);

Next steps

Complete the SCIM validation guide before production, or return to the provider chooser.