HR-Driven IT Provisioning

Manage employee identities through your HCM

The Challenge

Too many users in too many places

Enterprises that use a human resource management system such as Workday, UltiPro, SAP SuccessFactors, BambooHR, and Namely, often rely on that same system as the authoritative source of employee data. But it’s challenging for IT to synchronize HR user records between AD and enterprise applications. It only gets harder as more people join the organization, as they change roles over time, as they manually update their own information, and as they leave.

Okta brings identity management and HRM together into a unified system. Now HR and IT can work together more efficiently to bridge the employee lifecycle gap.

The Solution

Okta IT Products

Okta Product - Lifecycle Management

Lifecycle Management

Automate user onboarding and offboarding with seamless communication between directories and cloud applications.

Learn more

Features

  • Automated User Import
  • Automated Deprovisioning
  • Rule Engine
  • Bi-Directional User Management Integrations
  • On-Prem Provisioning
  • Just-in-Time Provisioning
  • Deep Integrations

Okta Product - Universal Directory

Universal Directory

Deploy a flexible, cloud-based user store to customize, organize, and manage any set of user attributes.

Features

  • One Source of Truth
  • Seamless Information Exchange
  • Single-Tenant Deployment
  • Extensible User Profiles
  • Standard Attributes

Automate provisioning and deprovisioning between HCM and enterprise applications body.

  • Effortlessly create and deactivate Active Directory accounts, driven by changes in Workday
  • Schedule data synchronization hourly, daily, or on-demand
  • Centralize reporting and audit of access across all of your systems

Joint development with Workday

More than simply writing to a Workday API, Okta and Workday have developed a comprehensive identity lifecycle management functionality, introducing new features such provisioning groups and an enhanced onboarding workflow.

Fully automatic group management

With Okta, you can create AD security group memberships, match them to Workday provisioning groups, and automate application provisioning based on the group's authorization level. If a user is terminated in Workday, or if their group membership changes, Okta pushes the change downstream to deactivate AD accounts, deprovision applications, and revise authorizations.

HR’s Perspective: How to Automate Onboarding and Offboarding with Okta

"Now Twilio won't have to react to a data breach or data loss. We have the pieces in place to protect our data."

– Seth Hardiman, IT Administrator, Twilio