Skip to main content
Sign in

Creating an extended integration for Okta users

Sam Peirce
  • May 02, 2022 19:46
  • Updated

Oomnitza's Okta Extended Connector allows organizations to pull user information from Okta and populate it in Oomnitza. More info in Okta can be found here: https://www.okta.com/ 

okta logo

Okta Extended Connector

Setup

Details on setting up Oomnitza Extended Connectors can be found in Oomnitza's Articles on Connector Setup.

Note: In addition to the standard fields entered during setup, you'll also need your Okta Subdomain. This can be found in your Okta URL: <subdomain.okta>.com or <subdomain.oktapreview>.com for demo Okta accounts. 

Authentication

Okta's REST API uses API Token based authentication. Instructions on generating an API Token can be found here: https://developer.okta.com/docs/guides/create-an-api-token/overview/ 

Credentials for Okta should be added to The Oomnitza Vault. The Authorization Tab of tab of your Okta Credential should be configured as follows:

Authorization type: API Key
Token Name: Authorization
API Key: SSWS <API Key>
Add to: Header
 
mceclip0.png
 
Note: Your API Token must have at least Read access to users in Okta.
 

Standard Mappings

The following fields can be mapped from Okta using Oomnitza's User Interface. For more information on creating Extended Connector Mappings, please see our article on Mapping Extended Connectors.

  • Activated
  • Created Date
  • Email
  • First Name
  • ID
  • Last Login Date
  • Last Name
  • Last Updated Date
  • Login
  • Mobile Phone
  • Password Changed Date
  • Second Email
  • Status
  • Status Changed Date

Okta user and deprovisioned user loads

You can create two extended connectors for Okta:

  • The Okta User Load retrieves information about active or provisioned users.
  • The Okta Deprovisioned User Load retrieves information about deprovisioned users.

The information that is streamed to Oomnitza from Okta is the same for active and deprovisioned user loads. However, when you create the Okta user load, you can also specify whether all active user records are retrieved or only new and updated records.         

On the Connect page for the Okta User Load, you specify the number of days since the last sync. To retrieve all of the active user records when you run the integration for the first time, you enter 0 in the Days Since Last Sync field. When all the user records are uploaded, you can change the value so that only new or updated records are retrieved.

Let's say you ran the Okta User Load last Sunday and you scheduled the Okta User Load to run every Sunday at 6 AM. To reduce the performance workload, you enter 7 in the Days Since Last Sync field. The next time that the the Okta User Load is run only the new records that were added or the user records that were updated since the last run are retrieved.   

Custom Mappings

Additional fields may be available through Okta. For details on how to retrieve them, please reach out to support@oomnitza.com or see our article on Mapping Extended Connectors.

Related articles

Comments

0 comments

Please sign in to leave a comment.

Powered by Zendesk