User removed from Okta group synced to Databricks still appearing in group in Databricks

Ensure you are not using the same Okta group for both App Assignment and Group Push.

Written by umakanth.charakanam

Last published at: October 24th, 2025

Problem

In your Okta account, you remove a user from a group that syncs to Databricks. This is the only group they are a member of, so when you check your Databricks account, you see the user is marked as inactive in Databricks. However, the user still appears as a member of the group.

 

Later, you add the user to a different group in Okta. When you check Databricks again, you see the user is now active again, but appears as a member of both the previous group and the new group.

 

Cause

You’re using the same Okta group for both App Assignment and Group Push, which Okta doesn’t support. Trying to do so causes a sync inconsistency between Okta and Databricks SCIM provisioning.

 

Solution

Ensure that you aren’t using the same Okta group for both App Assignment and Group Push. For more information, refer to the Okta Troubleshooting Group Push documentation.