HR-Driven IT Provisioning
Manage employee identities through your HCM
The Challenge
Too many users in too many places
Enterprises that use a human resource management system such as Workday, UltiPro, SAP SuccessFactors, or Oracle HCM Cloud, often rely on that same system as the authoritative source of employee data. But it’s challenging for IT to synchronize HR user records between AD and enterprise applications. It only gets harder as more people join the organization, as they change roles over time, as they manually update their own information, and as they leave.
Okta brings identity management and HRM together into a unified system. Now HR and IT can work together more efficiently to bridge the employee lifecycle gap.
The Solution
Okta IT Products
Provisioning
Automate user onboarding and offboarding with seamless communication between directories and cloud applications.
Learn moreFeatures
- Automated User Import
- Automated Deprovisioning
- Rule Engine
- Bi-Directional User Management Integrations
- On-Prem Provisioning
- Just-in-Time Provisioning
- Deep Integrations
Universal Directory
Deploy a flexible, cloud-based user store to customize, organize, and manage any set of user attributes.
Learn moreFeatures
- One Source of Truth
- Seamless Information Exchange
- Single-Tenant Deployment
- Extensible User Profiles
- Standard Attributes
-
Automate provisioning and deprovisioning between HCM and enterprise applications body.
- Effortlessly create and deactivate Active Directory accounts, driven by changes in Workday
- Schedule data synchronization hourly, daily, or on-demand
- Centralize reporting and audit of access across all of your systems
-
Joint development with Workday
More than simply writing to a Workday API, Okta and Workday have developed a comprehensive identity lifecycle management functionality, introducing new features such provisioning groups and an enhanced onboarding workflow.
-
Fully automatic group management
With Okta, you can create AD security group memberships, match them to Workday provisioning groups, and automate application provisioning based on the group's authorization level. If a user is terminated in Workday, or if their group membership changes, Okta pushes the change downstream to deactivate AD accounts, deprovision applications, and revise authorizations.
Now Twilio won't have to react to a data breach or data loss. We have the pieces in place to protect our data.
– Seth Hardiman, IT Administrator, Twilio