Hi,
I am currently implementing SCIM for my app for OKTA.
Just curious, how would already deactivated users be sync after SCIM implementation.
Also how do we implement the reverse sync via SCIM i.e from service-provider → Okta?
Are you asking about outbound or inbound SCIM?
You can implement outbound SCIM on SAML applications only from the control panel. In that case, deactivation on the client side means nothing, it’s Okta that pushes status.
Inbound SCIM can only be done in an OIN integration. In that case, if the client deactivates a user then Okta sees it on the next import. If the client deletes a user, then Okta “sees” it on the next full import, which must be run manually. It has to be a full import because then Okta notices we imported a user previously that is not present in the next full import. Deleted users get deactivated in Okta.