Managing users with Okta SAML & SCIM

Omni supports SAML-based single sign-on (SSO) through Okta, along with SCIM provisioning and user attribute syncing. These features let you centralize authentication, automate user management, and ensure consistent access controls across your organization.

Supported features

Omni supports the following Okta provisioning features:

• Push users - Users in Okta that are assigned to the Omni application in Okta are automatically added as users in Omni.
• Update user attributes - When user attributes are updated in Okta, they will be updated in Omni.
• Remove/deactivate users - When users are removed or deactivated in Okta, their membership to your Omni organization will be revoked.
• Reactivate users - Reactivating a user will create a new user in Omni with a new external ID.
• Push groups - Groups and their members in Okta can be pushed to Omni as Omni groups and group members.

Limitations

Omni does not currently support the following Okta provisioning features:

• Sync password
• Enhanced group push

Additionally, note that user sessions will expire after 24 hours. This is not currently configurable.

Getting started

The first step to integrating with Okta is to configure SAML authentication.

From there, you can:

• Use SCIM to provision users & user groups
• Sync Okta user attributes to Omni