Prerequisites

<< Click to Display Table of Contents >>

RayVentory Data Hub > 12.6 u5 > Connectors > Alphabetic Connector List > okta 

Prerequisites

To get a connection to the Okta API an Okta user account with API access is needed. The security profile and permissions should have these settings:

 

API tokens (API keys) are used to authenticate requests to the Okta API just like HTTP cookies authenticate requests to the Okta Application within the browser. An API token is issued for a specific user and all requests with the token act on behalf of the user.

API tokens are secrets and should be treated like passwords. API tokens are generated with the permissions of the user that created the token. If the permissions of a user change, so do those for the token. Okta recommends generating API tokens from a service account with permissions that do not change.

API tokens are valid fro 30 days and automatically renew every time they are used with an API request. When a token has been inactive for more than 30 days, it is revoked and cannot be used again. Tokens are also only valid if the user who created the token is also active. Tokens issued by deactivated users are rejected. If the user account is reactivated, the API token is accepted with no other action required.

 

Ensure to be logged into Okta as an administrator that possesses the rights to perform API call actions:

For example, if planning on using the token for an API call that will add users to an administrator role, the API token needs to be signed on as Super Administrator.

Please refer to the Okta documentation for a list of admin roles and their rights.

 

The API Token can be created by executing the following steps:

 

1.Sign in to Okta with an account that has the required privileges.

2.In the Admin Console, select API from the Security menu and select the Tokens tab.

3.Click the Create Token button.

4.Enter a descriptive name for the token (for example: RayVentory Data Hub) and click on the Create Token button.

5.Save the value of the token to a secure location. It will only be accessible this once and if it is lost the token needs to be deleted and a new token has to be created.

 

For more information, refer to https://help.okta.com/en/prod/Content/Topics/Security/API.htm.