Peoplifi is available in the Okta Integration Network with one-click SAML 2.0 SSO and SCIM 2.0 provisioning. Okta admins can deploy Peoplifi access to thousands of users in minutes, deprovision instantly when an employee leaves the company, and enforce universal MFA, device trust, and password policies through the Okta dashboard.
Try Peoplifi Free for 7 DaysYes. Peoplifi exposes connector actions for Okta Workflows (create employee, update profile, request time off, fetch payroll status), which lets you automate joiner/mover/leaver workflows end-to-end.
Yes — Peoplifi is a verified Okta Integration Network app with SAML 2.0 and SCIM 2.0 certification.
Yes. SCIM mapping lets you push standard attributes (firstName, lastName, email, manager, department, title) plus custom attributes you have defined in Okta.
SAML SSO is included on Growth and Business. SCIM provisioning requires the Business plan.
Joiners: when a new user is added to the Peoplifi-assigned Okta group, SCIM provisions them in Peoplifi within seconds with role and attributes pre-mapped. Movers: when group membership changes in Okta (e.g., promotion or department transfer), SCIM updates the Peoplifi role and reporting line automatically. Leavers: when offboarded in Okta, the Peoplifi account is suspended within minutes, revoking access without manual HR intervention.
Yes. Because Peoplifi delegates authentication entirely to Okta, any Okta-side policy — adaptive MFA, device trust, network zone restrictions, risk-based authentication — automatically applies to Peoplifi sign-ins. Users hit the policies before reaching the Peoplifi session.
Each Peoplifi sign-in via Okta is logged in both Okta's System Log and Peoplifi's audit log, with correlation IDs that match across systems. Security teams can trace user activity end-to-end from authentication through application actions.
Okta is one of the most widely-adopted enterprise identity platforms globally, used by tens of thousands of organisations to manage workforce identity, single sign-on, multi-factor authentication, and user lifecycle. For HR-tech stacks, Okta is increasingly the foundation: when an employee joins the company, they are created in Okta first; when they leave, they are suspended in Okta first; their access to dozens of downstream applications — including HR — flows from Okta. Integrating Peoplifi with Okta means HR fits cleanly into the modern security and lifecycle architecture rather than being a manual island.
Peoplifi's Okta SSO uses SAML 2.0, the gold standard for enterprise federated authentication. When a user attempts to sign in to Peoplifi, the application redirects to Okta as the identity provider; Okta authenticates the user (applying any configured MFA, device-trust, or risk-based policies); on success, Okta returns a signed SAML assertion to Peoplifi; Peoplifi validates the assertion and creates a session. The user never enters a Peoplifi-specific password — credentials live exclusively in Okta. This eliminates password-management overhead, reduces phishing exposure, and ensures access policy is centrally administered.
Beyond authentication, Peoplifi supports SCIM 2.0 for full lifecycle automation. SCIM (System for Cross-domain Identity Management) is the standard for provisioning and deprovisioning users across SaaS applications. With SCIM enabled, Peoplifi accounts are created, updated, and suspended automatically based on Okta group membership and attribute changes. A new hire added to the Okta 'All Employees' group appears in Peoplifi within seconds; an offboarded employee removed from Okta is suspended in Peoplifi within minutes. Mid-cycle changes — promotions, department transfers, role updates — flow through SCIM without HR-team intervention.
Peoplifi supports mapping Okta groups to Peoplifi roles. Common patterns: an 'HR Admins' Okta group maps to Peoplifi's HR Admin role; a 'Managers' group maps to the Manager role; a 'All Employees' group maps to the standard Employee role. As employees move between groups in Okta — for example, getting promoted into the Managers group — their Peoplifi role updates automatically. This eliminates the lag and risk associated with manually maintaining roles in two systems.
Customers can choose between two provisioning models. Just-in-time (JIT) provisioning creates the Peoplifi account on first sign-in — simpler to set up, but the account doesn't exist until the user first authenticates. SCIM provisioning creates accounts proactively when users are added to Okta groups — heavier to configure but provides cleaner pre-emptive setup, faster onboarding (no first-login delay), and cleaner deprovisioning (accounts are suspended even if the user never signed in to Peoplifi). Most enterprises with significant Peoplifi user counts choose SCIM for the operational benefits.
The Okta-Peoplifi integration substantially improves audit and compliance posture. (1) Centralised access control — security teams manage all access from Okta rather than maintaining account stores in dozens of SaaS apps. (2) Universal MFA enforcement — sign-in to Peoplifi automatically requires whatever MFA Okta enforces, including FIDO2/WebAuthn, push-based MFA, or hardware tokens. (3) Adaptive policies — sign-ins from unusual locations or unfamiliar devices trigger step-up authentication. (4) Auditable logging — Okta's System Log captures every authentication event with user, time, device, location, and policy outcome metadata. (5) Faster incident response — if a user account is suspected to be compromised, suspending in Okta locks them out of Peoplifi (and every other Okta-integrated application) within minutes.