Connect Identity or HR Providers
Connecting your IDP/HR system allows Opal to sync your organization's identities and attributes from a predefined source of truth, whether your IDP, your HRIS system, or both. Opal allows you to aggregate your identities and their metadata across disparate systems to provide a centralized, complete picture of users in one view.
How Opal interacts with IDP/HR providers
When you connect Opal to your Identity Provider (IDP) or HR Information System (HRIS), Opal creates users for your employees and syncs helpful information about them.
- Opal automatically imports your organization's user list
- Opal can import user information such as manager and title, along with custom attributes you specify
- Opal can revoke user access when accounts are terminated in the IDP
Note that Opal does NOT currently automatically create Opal users for every individual in your IDP. Opal users are only created when they're also part of an imported app.
Supported Identity/HR providers
Opal currently supports the following IDP/HRIS providers. See these guides for more information:
User deprovisioning
When users are deprovisioning in your IDP/HRIS provider, you can enable settings in Opal to automatically remove any access to end systems provisioned by Opal, as well as remove the user's access to Opal. If you enable both settings, end system access will be removed first.
Go to Configuration > Organizational Settings and select the appropriate deprovisioning settings.

Updated 13 days ago
Get started by connecting your first IDP/HR Provider