how to provision okta with sql database user table

Question

I have enterprise application(say xyz) which is developed in asp.net mvc and deployed in Azure App service. our database deployed in azure virtual machine. user management flow is written in xyz application (like authentication, registration, active -deactive etc) and it store in tblUsers.

I have been asked to integrate okta for authentication (single sign-on with SAML 2.0), and provisioning.

Somehow I have managed integration for authentication with the help of below link https://github.com/bvillanueva-mdsol/OktaSaml2OwinSample

could you please help me to understand to synchronize users bi-directional. so

1. if okta admin create user it should update in xyz application database user table.
2. if a user has been created through xyz application , get updated or added user in Okta.

I have gone through below link but it is not fruitful https://help.okta.com/en/prod/Content/Topics/Provisioning/lcm/lcm-provision-application.htm

note : user role provisioning not in scope

Answer 1

Types of provisioning in okta

1. Upstream (to okta) : follow postman link which is provided by Okta https://app.getpostman.com/run-collection/9daeb4b935a423c39009 you have to just create API token from Okta and pass it to postman header
2. Downstream (from okta) please refer below link How to construct valid event Webhook endpoint/url for OKTA Event Hook?

Answer 2

Usually it's not a good idea to go bi-directional, but...

You need to implement a connector to your application which will support user provisioning and user import operations.

Use this https://help.okta.com/en/prod/Content/Topics/Provisioning/opp/OPP-main.htm to get yourself started. You can either go SCIM or OPP route, depending on your requirements (OPP will require you to have a VM with OPP agent running on it)