Single sign-on is just one aspect of federation. First, an account for the user must be created to grant access to your application. In order to “automate” this process, your application should expose APIs to manage the account lifecycle such as user account creation, profile updates, authorization settings (such as groups or roles), account deactivation, etc.

While many ISVs use proprietary APIs, Okta recommends that you implement your API using the System for Cross-domain Identity Management (SCIM) which supports all of the key features needed in provisioning.

For details on how to integrate your application with SCIM, go to Okta’s SCIM Provisioning Developer Program for additional guidance. Once you are ready you can submit your app by following the steps below.

Publishing Your SCIM-Based Provisioning Integration

In order to allow customers to use your SCIM provisioning integration with Okta, you’ll need to get your app published in the Okta Integration Network.

  1. Review Okta’s SCIM docs and prepare your app
  2. Test Your SCIM Server
  3. Submit for Okta review and testing
  4. Publish to Okta Integration Network (OIN) in Partner-Built EA
  5. Become Okta-Verified in the OIN

Need help? View the FAQ section, post a question on the Developer Forum or email us at


Featured Guides