Microsoft Graph delta support for user-ownedDevices in ISC (Azure → Okta sync

Identity Security Cloud (ISC) ISC Discussion and Questions
1

Hi Team,

We are currently evaluating approaches in ISC to synchronize Azure AD device ownership information into Okta via ISC.

The two approaches under consideration are:

  1. Scheduled Workflow invoking Microsoft Graph API (/users/{UPN}/ownedDevices) with delta comparison inside the workflow

  2. Web Services connector using full or delta aggregation (dependent user → device aggregation)

The key design decision hinges on whether Microsoft Graph reliably supports delta tracking for user-ownedDevices relationships, specifically for ownership add/remove events (not just device updates).

Has anyone implemented this using ISC and can share:

Whether Graph delta queries reliably capture ownership changes

Any limitations or edge cases observed

Best practices for handling scale and performance in this scenario

Any real-world experience or guidance would be greatly appreciated. Thanks.

2

Kindly share any thought on this please.

3

@sagr0812 Are you trying to push the data into Okta from ISC ?

4

@kompala Yes, that’s correct.
We are looking to push Azure device ownership information from ISC to Okta.

The current design is:

  • Fetch device ownership from Azure AD using Microsoft Graph

  • Store the device names as an identity attribute in ISC

  • Propagate that attribute to Okta via ISC provisioning / attribute sync

We’re mainly evaluating the best way to retrieve and maintain this data in ISC (scheduled workflow vs web services aggregation) before pushing it to Okta.Thanks.

5

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.