Okta does not make use of the DELETE method on a SCIM server, see here.
Okta doesn’t perform DELETE operations on User objects in your SCIM application.
If a user is deactivated or removed from your integration inside Okta, then Okta sends a request to your SCIM application to set the active attribute to false. There is no deprovisioning event sent for users that are suspended inside Okta.
Dec 05 18:13:07 - Verify user in external app (Forkable) by doing a GET to SCIM
Dec 05 18:13:07 - Push marked as failed because the SCIM server was still returning active=false
Dec 05 19:04:41 - Deactivate user. Okta does not send active=false since when the user was activated at 18:12:57, the SCIM server was returning false for active instead of true. So inernally Okta already has this user marked as inactive in the SCIM server.
When Okta changes a user state it does an immediate GET to verify that change took place. SCIM requests should be synchronous in nature because of this. The SCIM server shouldn’t reply until the message sent from Okta is fully processed.
You can verify the transactions by going to the Okta System log and for 12/5 search only for “00u3rp3snewdH4HnB5d7”
Thanks, tried again. It’s not working, check event Y49TcWpUqWuSQbGBlZ0EVwAAA20.
This time I made sure the integration is returning the SCIM user as active when assigning. Then I removed assignment and nothing happened as far as the SCIM integration receiving any requests.
I then tried again by assigning the user to the integration, that worked, and integration returned user as active. Then I deactivated the user in Okta, but integration did not receive any requests at all.