Integration with Okta provides the following:
- Visibility into your Okta users, groups, and roles, the applications they can access, and the actual user usage.
- Improved identity posture for Okta users and the Okta infrastructure.
- Ability to detect and remediate identity-based attacks and suspicious behavior.
Integration requires the following steps:
- Log in to the Authomize app in the Okta integration network: https://www.okta.com/integrations/authomize-identity-security/
- In Okta, generate OAuth credentials for the Authomize app.
- Integrate Okta with Authomize.
Generate OAuth credentials
Authomize integrates through OAuth using credentials from the Authomize app on the Okta integration network. To integrate, you need the following parameters from Okta:
- Domain: The unique account domain used to request logs from your Okta account. The URL must be valid and start with https://<your_domain>.okta.com.
- Client ID: The client ID provided by Okta.
- Client secret: The client secret provided by Okta.
To generate OAuth credentials in Okta:
- In Okta, navigate to Applications > API Services Integration > Add Integration > Authomize Identity Security.
When this process is complete, you will see the client ID and client secret.
Integrate Okta with Authomize
You will use Okta credentials to enable the integration in Authomize.
Prerequisites
- You can access Authomize as a system administrator.
- You have the Okta domain, client ID, and client secret created in the previous procedure.
- From the Authomize menu, select Integrations and click Add New App.
- Click the Okta app.
The Okta dialog is displayed.
- Enter the Okta domain and credentials. (The Token field is to provide support for legacy integrations.)
- (Optional) You can enter a unique name for this integration. By default, the integration will be named Okta.
- (Optional) Select a current Authomize user as the app owner.
- Click Create.
The Okta tile is displayed as a connected app. The synchronization process begins, and its status will be shown when it is completed.
Collected Data
- Users
- Roles
- Groups
- Applications
- IDP related data
- Activity data
OAuth scopes used in the integration
- okta.users.read
- okta.idps.read
- okta.roles.read
- okta.groups.read
- okta.apps.read
- okta.logs.read
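
The following pre-flight check is an added example, not part of Authomize or Okta tooling. It validates the Domain parameter by parsing the host rather than testing a string prefix, and compares the scopes granted to the integration with the read-only list above. The function names are hypothetical, the granted-scope list is assumed to be supplied by the reviewer, and only the `<your_domain>.okta.com` form described on this page is accepted.

```python
import re
from urllib.parse import urlsplit

# Read-only scopes this page lists for the integration (lowercase form).
DOCUMENTED_SCOPES = frozenset({
    "okta.users.read", "okta.idps.read", "okta.roles.read",
    "okta.groups.read", "okta.apps.read", "okta.logs.read",
})
# Exactly one DNS label followed by .okta.com, the form the page requires.
_HOST_RE = re.compile(r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.okta\.com")


def check_domain(url):
    """Return the problems found in an Okta domain value (empty list if none)."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").lower()
    except ValueError:
        return ["URL cannot be parsed"]
    problems = []
    if parts.scheme != "https":
        problems.append("scheme must be https")
    # A prefix test would accept acme.okta.com.evil.example; match the host.
    if not _HOST_RE.fullmatch(host):
        problems.append(f"host {host!r} is not <your_domain>.okta.com")
    if parts.netloc.lower() != host:
        problems.append("URL must not embed credentials or a port")
    if parts.path not in ("", "/") or parts.query or parts.fragment:
        problems.append("URL must not carry a path, query or fragment")
    return problems


def review_scopes(granted):
    """Compare scopes granted to the integration with the documented set."""
    granted = {s.strip() for s in granted if s.strip()}
    extra = sorted(granted - DOCUMENTED_SCOPES)
    return {
        "unexpected": extra,
        "not_read_only": [s for s in extra if not s.endswith(".read")],
        "missing": sorted(DOCUMENTED_SCOPES - granted),
    }


if __name__ == "__main__":
    # Constructed sample values, not taken from a real tenant.
    for url in ("https://acme.okta.com", "https://acme.okta.com.evil.example"):
        print(url, check_domain(url) or "ok")
    print(review_scopes(sorted(DOCUMENTED_SCOPES) + ["okta.users.manage"]))
```

Scope names are compared case-sensitively, so a scope typed with a capital `O` is reported as unexpected and its lowercase counterpart as missing.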