Okta
Sync Okta users and groups to Gateco for identity-aware RAG access control with automatic role propagation.
Okta is an enterprise identity platform used by thousands of organizations for SSO, MFA, and lifecycle management. Gateco integrates with Okta via the SSWS Management API, syncing users, groups, and profile attributes to power principal-based retrieval policies.
When a user joins or leaves an Okta group, Gateco's auto-sync picks up the change within the configured sync interval. Once the change has synced, policy conditions referencing that group apply to all subsequent retrievals, with no manual principal management required.
Okta profile attributes (department, title, costCenter, and custom attributes) are synced to Gateco principal attributes. This enables ABAC policies based on Okta profile data, for example allowing retrieval of resources classified "finance" only to principals whose department is "Finance" in Okta.
SCIM v2 provisioning is available on Growth+ plans for real-time user lifecycle events (hire, transfer, terminate) without waiting for the polling interval.
Sample policy
{
  "name": "Okta group document access",
  "effect": "allow",
  "rules": [{
    "conditions": [
      {"field": "principal.groups", "operator": "contains", "value": "Finance-Team"},
      {"field": "resource.classification", "operator": "in", "value": ["internal", "public"]}
    ]
  }],
  "selectors": [{}]
}

Policy conditions reference resource.* and principal.* fields.
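The sample policy above, evaluated against constructed principals and resources. This is an added example, not Gateco's own code: it assumes that conditions within a rule are ANDed, that any matching rule grants the policy's effect, and that everything else is denied. The helpers resolve, matches and evaluate and the sample principals are hypothetical.

```python
import json

# The sample policy from this page.
POLICY = json.loads("""
{
  "name": "Okta group document access",
  "effect": "allow",
  "rules": [{
    "conditions": [
      {"field": "principal.groups", "operator": "contains", "value": "Finance-Team"},
      {"field": "resource.classification", "operator": "in", "value": ["internal", "public"]}
    ]}],
  "selectors": [{}]
}
""")

# Operator semantics are assumptions inferred from the operator names.
OPERATORS = {
    "contains": lambda actual, expected: isinstance(actual, (list, tuple, set)) and expected in actual,
    "in": lambda actual, expected: actual in expected,
}

def resolve(context, dotted):
    """Walk 'principal.groups' style paths; a missing key yields None."""
    node = context
    for part in dotted.split("."):
        if not isinstance(node, dict) or part not in node:
            return None
        node = node[part]
    return node

def matches(cond, context):
    # Unknown operators and missing fields fail closed.
    op = OPERATORS.get(cond["operator"])
    actual = resolve(context, cond["field"])
    return op is not None and actual is not None and op(actual, cond["value"])

def evaluate(policy, principal, resource):
    """Return the policy effect if any rule matches fully, else 'deny' (assumed default)."""
    context = {"principal": principal, "resource": resource}
    for rule in policy["rules"]:
        if all(matches(c, context) for c in rule["conditions"]):
            return policy["effect"]
    return "deny"

# Constructed principals, shaped like the synced data described on this page.
alice = {"provider_subject": "okta-user-1", "groups": ["Finance-Team"]}
bob = {"provider_subject": "okta-user-2", "groups": ["Engineering"]}
```

Here `evaluate(POLICY, alice, {"classification": "internal"})` returns "allow", while the same call for bob, or for a resource classified "confidential", returns "deny". The decision is made against the groups array as last synced, so a group removal in Okta changes the result only after the next sync.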
Frequently asked questions
- How often does Gateco sync from Okta?
- The sync interval is configurable per IDP. Manual sync is available anytime via the dashboard or API. SCIM provisioning (Growth+ plans) delivers real-time lifecycle events without polling.
- Which Okta profile attributes are synced?
- Email, display_name, department, title, and all custom profile attributes. Groups are synced as the principal's groups array. The Okta user's unique ID is stored as provider_subject for deterministic resolution.
- Can I use Okta SSO for the Gateco dashboard?
- SSO for the Gateco dashboard is on the roadmap for Growth+ plans. The IDP adapter is for principal data sync, not dashboard authentication. Contact enterprise@gateco.ai for timeline details.