HR-Driven IT Provisioning

Manage employee identities through your HCM

The challenge

Too many users in too many places

Enterprises that use a human resource management system such as Workday, UltiPro, SAP SuccessFactors, BambooHR, and Namely, often rely on that same system as the authoritative source of employee data. But it’s challenging for IT to synchronize HR user records between AD and enterprise applications. It only gets harder as more people join the organization, as they change roles over time, as they manually update their own information, and as they leave.

Okta brings identity management and HRM together into a unified system. Now HR and IT can work together more efficiently to bridge the employee lifecycle gap.

Automate provisioning & deprovisioning between HCM and enterprise applications
  • Effortlessly create and deactivate Active Directory accounts, driven by changes in Workday
  • Schedule data synchronization hourly, daily, or on demand
  • Centralize reporting and audit of access across all of your systems
Joint development with Workday

More than simply writing to a Workday API, Okta and Workday have developed a comprehensive identity lifecycle management functionality, introducing new features such provisioning groups and an enhanced onboarding workflow.

Fully automatic group management

With Okta, you can create AD security group memberships, match them to Workday provisioning groups, and automate application provisioning based on the group's authorization level. If a user is terminated in Workday, or if their group membership changes, Okta pushes the change downstream to deactivate AD accounts, deprovision applications, and revise authorizations.

HR’s Perspective: How to automate onboarding and offboarding with Okta

Twilio Slideshow