1. Help Center
  2. Integrations
  3. Security and Single Sign-On (SSO)

Okta Integration: User Provisioning Setup

User Provisioning with Okta

Time to read: 5 minutes

If you are looking for SSO setup with Okta, see SSO Setup


Main takeaways:

  • The integration enables you to use Okta for user provisioning service when accessing Forecast 
  • To sign in to Forecast with your Okta account, your user email has to be the same in both Forecast and Okta. This can be set up manually in Forecast or provisioning can be used to automatically create users in Forecast from Okta
  • This integration is especially useful for plus customers as the integration adds an extra layer of security. 
  • Note: This integration is available for Plus customers only


The following provisioning features are supported:

  • Push New Users - New users created through OKTA will also be created in Forecast
  • Push Profile Updates - Updates made to the user's profile through OKTA will be pushed to Forecast
  • Push User Deactivation/reactivation - Deactivating the user or disabling the user's access to the application through OKTA will deactivate the user in Forecast
  • Import New Users - New users created in Forecast will be downloaded and turned in to new AppUser objects, for matching against existing OKTA users


Setting up provisioning

Step 1: Go to Your Org section of Okta

2020-07-02 (12)



Step 2: Click Add Apps

2020-07-02 (5)


Step 3: Find Forecast in the application catalogue, and click Add Apps


Step 4: Select Do not display application icon to users and Do not display application icon in the Okta Mobile App. Also uncheck the "Automatically log in when user lands on login page"



Step 5: In the Sign-On Options screen, set the Application username format to Email


To add the provisioning feature of the Forecast application, navigate to the Applications section in Okta and click the Add Application button.



Configure your Provisioning settings for Forecast 

Step 1: Find your SCIM username and password in Forecast here: https://app.forecast.it/settings/catalog/okta


Step 2: Go to the Forecast application inside Okta and select the Provisioning tab


Step 3: Click the Configure API Integration


Step 4: Scroll down and select the Provisioning Features you want to enable



Step 5: Click the "Enable API integration" and fill in the Username and Password received from Step 1.

Step 6: Click the "Test API Credentials" and you should see a confirmation like this:



Troubleshooting and Tips

If you find any problems, don't hesitate to contact us at info@forecast.it or on the chat.