All Collections
Onboarding and Configuration Guides
Okta Onboarding Guide
Okta Onboarding Guide
Gal Nakash avatar
Written by Gal Nakash
Updated over a week ago

Okta stores user and user group data to support single sign-on functionality, which can include personal information for each user, such as photographs and phone numbers.

You can connect your Okta account to Reco to analyze and monitor activity, which will help you protect all of your company's data.

Integrate Okta with Reco

Okta enables two ways of authorizing Reco to integrate: OAuth2 and SSWS.

Integrating using OAuth2 (recommended)

  1. In Okta, navigate to Applications > API Services Integration > Add Integration > Reco.

  2. Upon installation, you will be provided a set of Org URL, Client ID, and Client Secret credentials. Copy those credentials.

    1. Important Note: You must copy the token now, as you won't be able to retrieve it later.

  3. Login to the Reco Platform

  4. Click on "Configurations" then click on "Integrations"

  5. Locate the "Okta" object and click on "Add Integration"

  6. Paste the credentials set in the Okta integration flyout and ensure that the "Authorization Mode" selected is "Bearer":

  7. The Okta Integration Status will become "Active" if the integration is successful.

Integrating using SWSS (legacy)

Please make sure that the user that follows the below step is a "super admin". Otherwise, Reco will not have permission to ingest all the required Okta objects.

  • Browse to your Okta admin account and log in. The Okta admin account is at your tenant URL, which is in the following format: "https://{tenant}-admin.okta.com". For example https://trial-3101065-admin.okta.com

  • From the sidebar, click "Security" and then "API".

  • Click on the "Tokens" tab and then "Create Token".

  1. Give your token a unique name, to indicate its purpose for future reference, and then click "Create Token".

  2. The pop-up reloads with a token; in the background, the API list also updates with the token and its general details

  3. Login to the Reco Platform

  4. Click on "Configurations" then click on "Integrations"

  5. Locate the "Okta" object and click on "Add Integration"

  6. Paste the credentials set in the Okta integration flyout and ensure that the "Authorization Mode" selected is "SSWS".

    1. Leave the "Client ID" field blank.

  7. The Okta Integration Status will become "Active" if the integration is successful.

What do we ingest exactly?

Scopes

Documentation

okta.users.read

Users

okta.groups.read

Groups

okta.groups.read

Groups

okta.logs.read

System Log

okta.apps.read

Applications

okta.appGrants.read

Application Grants

okta.apps.read

Application Groups

okta.apps.read

Application Users

okta.domains.read

Custom Domains

okta.roles.read

Role Assignments

okta.policies.read

Policies

okta.users.read

User Factors

okta.apps.read

Okta Application Settings

okta.orgs.read

Org Settings

okta.orgs.read

Org Settings

okta.devices.read

Devices

okta.idps.read

Identity Providers

okta.networkZones.read

Network Zones

okta.threatInsights.read

ThreatInsight

okta.behaviors.read

Behavior Rules

Did this answer your question?