Okta Directory
The Okta directory integration syncs your Okta user directory with Incode, enabling employee lookups and claims matching during identity verification sessions. This integration is a prerequisite for any Okta-connected use case that requires verifying a user against their directory record, including Helpdesk verifications, Self-Serve Portal resets, and claims matching in IAM flows.
This is a directory-only integration. It does not trigger verification sessions. For authentication-layer integrations with Okta, see Okta IDV Standard
Prerequisites
- Access to the Integrations page in Dashboard. Contact your Incode Representative if you do not see the Integrations page.
- An Okta administrator account with permissions to create and manage integrations.
What Gets Synced
When the Okta directory integration is active, Incode syncs user and group data from your Okta instance. Synced attributes are used to look up users by loginHint and to supply claims for matching against verified identity data.
The following Okta user profile attributes are used by Incode, depending on your claims matching policy configuration:
| Attribute | Used for |
|---|---|
| Email / login | Primary user lookup (loginHint) |
| First name, last name | Name claim matching |
| Date of birth | DOB claim matching |
| Address fields | Address claim matching |
| Phone number | Phone claim matching |
| Group membership | Policy routing and scoping |
Make sure the relevant attributes are populated for all users in the groups you intend to sync. Missing attributes will cause claims matching failures for those users.
Set Up Guide
Step 1: Create the Okta Directory Integration in Incode
- Log in to Dashboard.
- In the left navigation, click Integrations.
- Click New integration.
- From the Directory tab, click Okta Directory, then click Continue.
- Enter a Directory Name.
- Enter your Okta Instance URL in the format
https://your.company.name.okta.com. - Enter a Client ID for the Okta service application.
- You can enter a User Group ID to assign to Workforce.
- Click Save.
Step 2: Authorize Directory Access in Okta
After saving the integration from Step 1, Incode will initiate an authorization flow to request read access to your Okta directory. Follow the prompts in your Okta Admin Console to approve the required permissions.
Note: You must have Okta administrator permissions to approve directory access. If permissions are rejected or you lack sufficient privileges, the integration will remain in an incomplete state and the setup process must be restarted.
Step 3: Trigger a Directory Sync
Once authorized, trigger a Directory Sync to import your users into Incode. To do this:
- In the left navigation, click Integrations.
- From the Directory tab, locate the directory you want to sync.
- On the integration card, click Sync directory.
Depending on the size of your directory, the initial sync may take some time.
View Synced Users
You can view synced users and their enrollment status by clicking Directory information in the left navigation.
Updated about 1 hour ago