Changing Auth Method in SCIM App

We are preparing to build a SCIM integration and were wondering about the ability to make changes to the app once it is eventually published to the OIN. Specifically we would like to understand if it is possible to start off by publishing an app that uses “A custom HTTP header” for auth and then later update it to use the “OAuth 2.0 Authorization Code grant flow”.

Of course, we would be obligated to inform customers using the app about the necessary steps to take on their end to update the configuration, but we wanted to understand if there are any process guidelines for this sort of thing.

You can update your application once submitted. In a case like this where it could effect existing installations you maybe required to either submit another version, or support both auth methods in the same version. You can verify with our Okta Integration Team by contacting them directly at