You can use OKTA as an IdP and logon to HTTP enabled applications with SAML 2.0 protocol. This will not help you with SAP GUI though, so I recommend you use an SNC library to authenticate the user against Active Directory (using Kerberos) for SAP GUI logon.
Thanks
Tim