# CREATE SECURITY INTEGRATION
## Syntax
```sql
CREATE SECURITY INTEGRATION [IF NOT EXISTS] security_integration_name
WITH (security_integration_parameter = value [, ... ]);
```
### Description
Security integrations allow [Access Control](/overview/core-concepts/access-control.md#organiation)s to configure authentication and authorization mechanisms.
Only a [role](/overview/core-concepts/access-control.md#_role) with [MANAGE\_MEMBERS](/overview/core-concepts/access-control.md#_privilege) privilege can create a security integration.
### Arguments
#### **security\_integration\_name**
Specifies the name of the new security integration. If the name is case-sensitive, you must wrap it in double quotes; otherwise, the system uses the lower case name.
#### WITH (**security\_integration**\_parameter = value \[, … ])
This clause specifies [#security-integration-parameters](#security-integration-parameters "mention").
### Security Integration Parameters
| Parameter Name | Description |
| -------------- | --------------------------------------------------------------------------------------------------------------------------------- |
| `type` | Type of security integration.
Required: Yes
Valid values: SCIM
|
### SCIM Specific Parameters
| Parameter Name | Description |
| ------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| `scim.client` | Type of SCIM client that will use the SCIM API.
Required: No
Valid values: OKTA
|
| `scim.run_as_role` | The role used to manage all users and custom roles for the SCIM integration.
Required: No
Valid values: okta\_skim\_provisioner for OKTA client.
Default: okta\_skim\_provisioner for OKTA client.
|
## Examples
#### Create a OKTA SCIM security integration
The following creates a new SCIM security integration with name `okta`:
{% hint style="info" %}
**Note** The role `okta_skim_provisioner` must exist with the `MANAGE_MEMBERS` privlege.
{% endhint %}
```shell
/# CREATE SECURITY INTEGRATION "okta" WITH ( 'type' = SCIM, 'scim.client' = OKTA, 'scim.run_as_role' = okta_skim_provisioner );
+----------------------+-------+----------+------------------------------------------+----------------------+-------------------+-------------------------------+
| Type | Name | Command | Summary | Token | Uri | Expires At |
+======================+=======+==========+==========================================+======================+===================+===============================+
| security integration | okta | CREATE | security integration okta was | | | 2025-07-15 23:17:15 +0000 UTC |
| | | | successfully created | | | |
+----------------------+-------+----------+------------------------------------------+----------------------+-------------------+-------------------------------+
```
You can use the `Uri` and `Token` from the response of this command to [configure an Okta App Integration](/enterprise-security-integrations/okta-scim-integration.md).
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.deltastream.io/reference/sql-syntax/ddl/create-security-integration.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.