You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
We have a case where existing users keep inviting new users from the company to the application. Now even though we have SCIM enabled the users register via the manual method and are out of sync with the IdP SCIM and cannot be managed by SCIM.
Now I know, Okta has an import function to resolve this but thats not something I am given access to. So wondering if there is another way to enable on-going sync with IdP so that any new manually added user becomes managed by SCIM at a later point?
I understand the requirements: Yes, the user must exist in our IdP group for authentication/SSO but might not have been assigned the app for SCIM group provisioning. Does that make sense? Or am I doing something wrong?
Agreed. If the user has already been invited manually and you assign a user with the same email address in Okta, then we will match it to the existing account. The profile details from Okta will become the source of truth and the user will be fully managed in Okta like any other IdP-managed user.
On the end user's side, they won't notice a thing unless they had manually set profile details (like job title) already. In that case they would get overwritten by the values from Okta.