1. Help Center
  2. API & Integrations
  3. Security and Single Sign-On (SSO)

Okta Integration: User Provisioning Setup

User Provisioning with Okta

If you are looking for SSO setup with Okta, see SSO Setup

Please note: This integration is available for PLUS customers only

Main takeaways:


Okta & Forecast

Forecasts integration with Okta allows you to use Okta for user provisioning service when accessing Forecast. This means that your Forecast account will have an extra layer of security. In order to make use of the integration please make sure that your email in Forecast is the same as the one in Okta. 


The following provisioning features are supported:

  • Push New Users - New users created through OKTA will also be created in Forecast
  • Push Profile Updates - Updates made to the user's profile through OKTA will be pushed to Forecast
  • Push User Deactivation/reactivation - Deactivating the user or disabling the user's access to the application through OKTA will deactivate the user in Forecast
  • Import New Users - New users created in Forecast will be downloaded and turned in to new AppUser objects, for matching against existing OKTA users


Setting up Provisioning

Step 1: Go to Your Org section of Okta

2020-07-02 (12)



Step 2: Click Add Apps

2020-07-02 (5)


Step 3: Find Forecast in the application catalogue, and click Add Apps


Step 4: Select Do not display application icon to users and Do not display application icon in the Okta Mobile App. Also uncheck the "Automatically log in when user lands on login page"



Step 5: In the Sign-On Options screen, set the Application username format to Email


To add the provisioning feature of the Forecast application, navigate to the Applications section in Okta and click the Add Application button.


Configure your Provisioning settings for Forecast 

Step 1: Find your SCIM username and password in Forecast here: https://app.forecast.it/settings/catalog/okta


Step 2: Go to the Forecast application inside Okta and select the Provisioning tab


Step 3: Click the Configure API Integration


Step 4: Scroll down and select the Provisioning Features you want to enable



Step 5: Click the "Enable API integration" and fill in the Username and Password received from Step 1.

Step 6: Click the "Test API Credentials" and you should see a confirmation like this:



Troubleshooting and Tips

If you find any problems, don't hesitate to contact us at info@forecast.it or on the chat.