Identity Provider Integration

Okta

Connect TigerIdentity to Okta for real-time identity sync, event streaming, and context-aware access control based on authentication state.

Book a DemoView Documentation

Key Features

Real-Time Sync

Automatically sync users, groups, and assignments from Okta within seconds of any change.

Identity Graph

Map Okta identities to your unified identity graph, correlating users across all systems.

SCIM Provisioning

Leverage SCIM 2.0 for bidirectional provisioning and deprovisioning workflows.

Event Streaming

Subscribe to Okta system log events for instant response to authentication and lifecycle changes.

Group Mapping

Automatically translate Okta groups into TigerIdentity roles and entitlements.

MFA Context

Ingest MFA verification status and authentication context for dynamic access decisions.

How It Works

1

Connect

Configure the Okta connector with your organization domain and API token.

2

Sync

TigerIdentity performs an initial sync of users, groups, and application assignments.

3

Stream Events

Subscribe to Okta system log events for real-time updates on authentication and lifecycle changes.

4

Enforce Policies

Use Okta identity data and authentication context in your TigerIdentity access policies.

Configuration Example

connector:
  type: okta
  name: "okta-production"

  config:
    domain: "your-org.okta.com"
    api_token: "${OKTA_API_TOKEN}"

  sync:
    users: true
    groups: true
    applications: true

  events:
    - user.session.start
    - user.authentication.verify
    - user.account.update_profile
    - group.user_membership.add
    - group.user_membership.remove

  mapping:
    user_attributes:
      - okta: email
        tiger: email
      - okta: department
        tiger: department
      - okta: manager
        tiger: reports_to

Use Cases

Workforce Identity Source

Use Okta as your primary identity source for employees, syncing org structure and group memberships.

MFA-Based Policies

Create access policies that require MFA verification from Okta before granting high-privilege access.

Just-In-Time Provisioning

Automatically provision access to downstream systems when users are added to Okta groups.

Session Revocation

Instantly revoke all active sessions across your stack when Okta sessions are terminated.

Ready to connect Okta?

See how TigerIdentity integrates with your Okta environment in a personalized demo.

Schedule Your Demo