Skip to main content
You need administrator access to the Forest project.

Supported Features

The Okta SCIM integration enables:
  • User provisioning from Okta to Forest
  • Updating user roles, permission levels, and tags
  • Deleting users when removed from the Forest app in Okta
  • SCIM Groups for team assignment
  • Read-only userName (email format) and name fields post-creation

Setup Process

Step 1: Add Forest App

Navigate to Okta Applications tab, browse the app catalog, and select Forest. Assign a descriptive label.

Step 2: Authenticate Okta

Enable the User provisioning feature in Forest project settings. This generates an API token to paste into Okta’s Integration tab.

Step 3: Configure Mapping Rules

Create rules for mandatory fields: teams, role, permissionLevel, and optional tags. Values must match existing Forest configurations. Ensure mapping direction flows from Okta to Forest. Required Parameters:
  • permissionLevel: Must be admin, editor, user, or developer
  • role: Must match existing Forest roles
  • teams: Team names for user assignment
  • tags: Optional key/value pairs for user tagging

Step 4: Manage Groups

In Okta’s Directory section, create groups matching Forest teams. Use the “Push groups” tab to link Okta groups with Forest teams. Optionally disable group renaming to prevent Okta from overwriting team names.
Removing a group in Okta that was created from, or linked to, a Forest team will delete that Forest team.
When you link an Okta group to a Forest team, the team is renamed to match the group name, unless you disable that option.

Custom Attributes

Add custom user attributes via Directory > Profile Editor for enhanced mapping flexibility.

Troubleshooting

  • Verify permissionLevel values: admin, editor, user, or developer
  • Confirm role matches existing Forest roles
  • Allow time for synchronization
  • Note that team updates may trigger back-end restarts