When I was testing SCIM integration, I observed some issue
- I created a SAML application in Okta
- Assigned few users to that app and logged in using that SAML app. Everything worked fine.
- I enabled SCIM provisioning for that app. As of now, we support only deactivation functionality. So, I enabled only the Deactivation option in “To App” settings
- When I tried to deactivate an existing user already assigned to the app, it didn’t trigger a SCIM call to external app to deactivate that user
- If I assign a new user to the app and then deactivate, Okta triggers the SCIM API call to external app
Question is will Okta run an initial synchronization cycle after SCIM is enabled in an existing app with some assigned users?