Skip to main content
Sign in

Creating a SaaS management integration for Okta users

  • May 23, 2026 09:00
  • Updated

Integrate Okta with Oomnitza to detect and analyze SaaS activity and usage. 

For complete coverage of SaaS activity and usage, add the Okta user integration to capture the SaaS activity and usage of users who bypass SSO. Reduce costs by cancelling subscriptions of under-utilized SaaS applications. Create onboarding and offboarding workflows to automate the provisioning and deprovisioning of SaaS applications. You can add contracts for SaaS applications to budget the cost and total cost of SaaS applications and surface costs and SaaS activity in dashboards.

Before you start   

To integrate Okta with Oomnitza, you must generate an API token. See Create an API token.

To detect additional SaaS apps and users In Oomnitza, your Okta account must have read-only admin privileges.

To easily find the records that are uploaded to Oomnitza, it's best practice to create a dedicated user account for each integration. This will make it easier for you to retrieve the records that are uploaded to Oomnitza from the vendor application. 

small_blue_link.svg Creating integration users 

Creating the integration

  1. In Oomnitza, go to Configuration > Integrations, and then click Block view block_view.PNG
  2. On the Integrations page, scroll down to the SaaS Management Integration section.
  3. Click Okta, and click Next.
  4. Enter the API token that you retrieved from Okta.
  5. Enter the SSO URL for Okta.
  6. From the Detection Capabilities list, select one of the following options:
    • Application Label (Enhanced). Create a SaaS record for each SaaS app in the SaaS system so that you can manage each app separately in Oomnitza. For example, you might have multiple help desk system apps such as one for your IT department and one for customer support. Learn more
    • Display Name (Normal). Create a single SaaS record in Oomnitza for the SaaS system. 
  7. Click Detect additional SaaS applications and users. Detects SaaS apps and users who bypass SSO.  Your Okta must have read-only admin privileges to manage this information in Oomnitza. 
  8. Type the first few letters of the name of the integration user that you created and then select the user from the list. If an integration user isn’t specified, the integration user is set to saas_integration@oomnitza.com.
  9. Add one or more integration contacts. The persons you add will receive and in-app notification and an email when an integration fails, starts processing but fails to complete processing within 24 hours, or fails to run when scheduled.
  10. Select an Oomnitza role such as Employee. All user records that are uploaded from Netskope will be assigned the role that you select. A record for each user will be added to the People page.
  11. Select the lookback synchronization period for the initial load of records.
  12. Select the format that you want to use for the username.
  13. If you don’t want users to log in to Oomnitza, select Restrict access to Oomnitza.
  14. Click NEXT.
  15. Create a schedule to sync with Oomnitza.
  16. Click Finish.

test-icon-for-content-block-32px.svg Test

To test the integration, click the tile in the Saas Management Integration section and click RUN NOW. To check for errors, click Sync Sessions.

monitor-icon-for-content-blocks-32px.svg Monitor

To monitor the SaaS application records that are uploaded to Oomnitza, create a search. 

When you use the search that you created to review the records that were uploaded to Oomnitza on the Software page, the name of the SaaS application that was accessed is displayed, and the name of the user who created the integration. 

tip_bulb_yellow_icon.png

To review the users who accessed the SaaS apps, click a record, click an app, and then click the Users tab. Hover the mouse over the last activity info icon to get more details. To view the user’s Oomnitza record, hover the mouse over the user’s name and click the link.

Next steps

If you selected Application Label, you need to follow the steps in Splitting Okta SaaS systems into separate instances to split the SaaS instance into its individual SaaS applications.

Follow the steps in Creating an extended integration for Okta users to create a user integration for Okta. If you have selected the sync by application label option above, you can select separate SaaS integrations for each application label that is detected. 

More about detection capabilities

Display Name (Normal)

split-sync-key-choice-display-name.svg

Regardless how many applications the SaaS system has, all the SaaS user information for all of the SaaS applications is loaded into a single SaaS software record in Oomnitza.  

Application Label (Enhanced) 

split-sync-key-choice-app-label.svg

When the SaaS system is synced with Oomnitza, you can split the SaaS system into separate SaaS software records for each SaaS application. To do this, you can select Application Label.

Related articles

BlueLink.svg Creating an extended integration for Okta users

BlueLink.svg Splitting SaaS systems into separate instances

BlueLink.svg Adding and Managing Contracts

BlueLink.svg Creating an SSO integration for Okta

BlueLink.svg Deactivating an integration

Learn more

Related articles

Comments

0 comments

Please sign in to leave a comment.