Use Okta groups in Tailscale ACL files

We would like to grant employees access to specific resources in the ACL list based on group membership propagated from Okta. We have groups available in Okta. Is it possible to use metadata from Okta in ACL files, for example for defining Tailscale groups or in the ACLs themselves? Perhaps we could have written something like

"TagOwners": {
	"tag:montreal-webserver": [

If this is not possible, I guess we would have to write this syncronisation our selves, and then push the information via Tailscale API · Tailscale. We would prefer not to duplicate this effort though. I think this is something most Okta users would like.

At present there isn’t a way to do this automatically, but we are actively working on developing SCIM to synchronize group memberships with Okta. It should be available in this calendar year.