← All work
Automations · Okta 2025
Printify

Two tenants,
one identity plane.

Mandet leads Printify's Okta consolidation across two organizations - merging users, groups, attributes, and app assignments into a single environment, then wiring automation so onboarding, offboarding, and app provisioning run without tickets.

2 → 1 Okta tenants
9+ apps integrated
4 lifecycle flows
2025 shipped
Okta lead Role
POD marketplace Sector

The brief.


Printify had grown into two Okta organizations. Each tenant carried its own users, its own groups, its own attributes, and its own application assignments. What used to be a clean identity surface had turned into two parallel ones - and every onboard, offboard, or role change meant deciding which Okta did what, then doing it twice.

The work was two things at once. First, merge the two tenants into a single policy-driven environment without breaking access. Second, automate the lifecycle across the app stack so the next org change doesn't turn into a ticket queue - and leave the IT team with the documentation and training to run it.


The approach.


We plugged into Printify's integration plan as the hands-on Okta team - reviewing the existing setups across both organizations, assessing what needed to change, and executing the merge without breaking access. Users, groups, attributes, and application assignments all routed into a single environment, with configurations rebuilt to match Printify's future operating model.

On top of the merge we wired the lifecycle: group-based provisioning rules, and improved onboarding, offboarding, and leave-of-absence flows. Okta-Workday integration was built and tested in Sandbox before touching Production. New apps - Zendesk, Miro, Atlassian, Slack, Culture Amp, Robin, Figma, and more - were integrated with attribute mapping per app and validated end-to-end with stakeholders before going live. Every change landed in Printify's Confluence with training for the IT team, so the knowledge doesn't live with us alone.

Consolidated
  • Users & attributesIdentities merged across both tenants with attribute schemas unified for downstream apps.
  • Groups & policiesDuplicate and conflicting groups resolved into a single policy-driven model that scales.
  • Application assignmentsEvery app's access model re-pointed at the surviving tenant without interruption.
  • ConfigurationsExisting Okta setups reviewed and rebuilt to match Printify's future operating model.
Automated
  • OnboardingGroup-based provisioning gives new hires day-one access across the app stack - no ticket, no manual assignment.
  • OffboardingHR closes the record, Okta revokes access across every downstream app.
  • Leave of absenceDedicated flow for paused access that keeps the employee record intact without holding open licenses.
  • Workday + Bob integrationBuilt and tested in Sandbox before touching Production - end-to-end validated with stakeholders.
Outcomes

Two tenants, one plane. Lifecycle on rails.

2 → 1Okta tenants
9+apps integrated
4lifecycle flows
100%stakeholder-tested

Onboarding, offboarding, and role changes run through Workday into Okta and out to every downstream app - without tickets, without manual edits. The merge landed clean, the automation holds, and the IT team has the documentation and training to run it.

Appendix

Stack & integrations

Identity 3
Okta Okta Workflows Group-based provisioning
HRIS 2
Workday Bob
Apps integrated 7
Slack Zendesk Atlassian Miro Figma Culture Amp Robin + more
Lifecycle & delivery 4
Onboarding Offboarding Leave of absence Sandbox + Production testing
← All work
~ 15 min. no pitch. no spam. ~

Tell us what you're actually building.

You send us the idea. We reply with scope, timeline, and a ballpark.