08/2022 - rev 1
The Oort identity security platform reads a variety of user account data and event data to build a full picture of the identity security posture of your Okta tenant, as well as on-going identity threats against your organization.
The goal of this document is to serve as a guide to set up Oort with a data integration to your Okta tenant.
Okta integration is configured using a read-only API token.
To add the necessary configuration in Okta, you need to be one of the following:
- Read-only administrator
There are 3 steps you need to go through to set up the data integration between Okta and Oort.
- Login to the Okta admin console with a read-only admin account.
Note - some organizations create a specific admin service account for this purpose only, on a per integration basis.
- Generate an API token as described by the Okta documentation here.
- Login to the Oort console
- Click Integrations tab -> Add Integration -> Okta.
- In the New Okta integration page, enter the following -
- A display name for the integration, such as Okta-[customer name]
- Instance URL - the is the primary FQDN of your Okta tenant, such as https://[customername].okta.com
- Okta API token generated in the previous steps
On the Integrations page, click the three dots menu on the right side of the new Okta integration tile. Click Test Connectivity.
- Once successfully verified, click the same menu again and click Collect Now to begin initial data collection.
NOTE - Due to Okta API rate limiting, the initial data collection, including historical log data, may take up to 24 hrs. Your Oort technical contact will assist with any questions in this process.