How to do Okta SSO Integration with SpringBoot app? and all user management would be on Okta's Side

hello Everybody,

I would like some help please, Trying to implement okta sso with some specifications with my app.

If I want to add the ability to SSO with OKTA to an already existing Application, Without creating new users in the database from my side, So the whole user management would be on the Okta Admin side and not in the application itself.

The ability for the Okta admin to assign groups access to the application, without interacting with the application ( like creating users ), I have 3 Roles Admin, Editor and viewer and each Group would be given one of those Roles. and Can I add the ability to use the same token system that i’m using now JWT ? for request authorization ?

What do you think is the preferred way to do that ? OIDC or SAML ? And can it be private without uploading to the OIN ? and are there any good guides to do that with SPRING BOOT ?

Thanks A lot really appreciate it