Hi,
If I am integrating Okta with Denodo, I would create the roles in Solution Manager which are configured in Okta. The same roles will be configured in okta. The roles need to be given necessary privileges. For more information about creating roles in Okta and Solution Manager, please refer [Configure Okta for Single Sign On](https://community.denodo.com/kb/en/view/document/How%20To%20Configure%20Okta%20for%20Single%20Sign-On%20in%20Denodo%20Solution%20Manager%208.0) Knowledge Base article.
Also, if I need to grant privileges to a specific user over different environments, then I would make use of the ‘Permissions’ option under the ‘Configuration’ menu in the Solution Manager Administration tool. I will select the key icon near the environment to which I need to give permission. This will open the tab to give permissions specific to some environments.
You could refer the [Authorization ](https://community.denodo.com/docs/html/browse/latest/en/solution_manager/administration/authentication_and_authorization/authorization/authorization#privileges-granted-to-a-role-for-an-environment) section under the Solution Manager Administration Guide to know more about the privileges available for a user.
If you still need further assistance and if you are a valid support user, you can raise a [Support Case](https://support.denodo.com/cases/add), for further assistance from the Support Team.
Hope this helps!