Okta

Overview

Visualize and analyze Okta resources, including users, groups, apps, and roles. Monitor access control and authentication policies to ensure secure and compliant user access management. Enforce governance, manage user lifecycle processes, and integrate with identity providers. Detect and mitigate security vulnerabilities in access configurations and authentication practices to safeguard sensitive data and applications.

Configurations

| Configuration | Description |
| --- | --- |
| Blueprint Account Name | A human-readable name for your account that will be used to identify this account across the application. |
| URL | The base URL of your Okta instance (e.g., https://dev.okta.com) |
| Access Token | The API token generated in Okta for authentication. |
| Data Crawl Frequency | The frequency at which Kaleidoscope will crawl your Okta account for data. |

Permissions

The Okta blueprint requires an API Token which you can create by navigating to https://{your-okta-domain}.okta.com/admin/access/api/tokens (replace {your-okta-domain} with your Okta domain). Please ensure that you give the token a descriptive name and note that the token will inherit the permissions of your user account.

When creating the API token, ensure your user account has access to the following scopes:

Required Permissions:

  • Applications: application

  • Groups: group

  • Users: user

  • Authenticators: authenticator

  • Policies: policy

  • Settings: supportsetting

Permission Details:

| Permission | Why it's needed |
| --- | --- |
| application | Access application configurations, assignments, and metadata |
| group | Read group information, memberships, and group-based access policies |
| user | Access user profiles, authentication factors, and user lifecycle data |
| authenticator | Read authenticator configurations and multi-factor authentication settings |
| policy | Access authentication policies, access policies, and security configurations |
| supportsetting | Read system-level settings and organizational configurations |

Important Notes:

  • API tokens inherit the permissions of the user who created them

  • Ensure your user account has admin privileges to access all required scopes

  • The token provides access to resources based on your user's role and permissions

For more details on the Okta permissions, you can refer to the following documentation: Core Okta API Reference
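Because the token inherits its creator's permissions, it helps to confirm before saving the configuration that it can read every resource type listed above. The following preflight check is an added example, not Kaleidoscope's or Okta's own code; the mapping from each permission name to an Okta API path and the `OKTA_URL` / `OKTA_TOKEN` environment variable names are assumptions made for illustration.

```python
import json
import urllib.error
import urllib.request

# Assumed mapping from the permission names above to read-only Okta API paths.
PROBES = {
    "application": "/api/v1/apps?limit=1",
    "group": "/api/v1/groups?limit=1",
    "user": "/api/v1/users?limit=1",
    "authenticator": "/api/v1/authenticators",
    "policy": "/api/v1/policies?type=OKTA_SIGN_ON",
    "supportsetting": "/api/v1/org/privacy/oktaSupport",
}

def http_status(base_url, token, path):
    """GET one path with the SSWS API token and return the HTTP status code."""
    req = urllib.request.Request(
        base_url.rstrip("/") + path,
        headers={"Authorization": "SSWS " + token, "Accept": "application/json"},
    )
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code

def classify(status):
    """Translate an HTTP status into a verdict an operator can act on."""
    if status == 200:
        return "ok"
    if status == 401:
        return "token invalid, expired or revoked"
    if status == 403:
        return "token owner's role cannot read this resource"
    if status == 429:
        return "rate limited, retry later"
    return "unexpected HTTP %d" % status

def preflight(base_url, token, get_status=http_status):
    """Return {permission: verdict} for every permission the blueprint lists."""
    return {perm: classify(get_status(base_url, token, path))
            for perm, path in PROBES.items()}

def missing(report):
    """Permissions whose probe did not succeed, sorted for stable output."""
    return sorted(p for p, verdict in report.items() if verdict != "ok")

if __name__ == "__main__":
    import os  # token is read from the environment, never from argv
    print(json.dumps(preflight(os.environ["OKTA_URL"], os.environ["OKTA_TOKEN"]), indent=2))
```
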

Schema Model

| Resources | Source Entity | Normalized Entity | Description |
| --- | --- | --- | --- |
| Okta Users | okta.user.Users | User | A collection of Okta users. |
| Okta User | okta.user.User | User | A single Okta user. |
| Okta App User | okta.application.AppUser | User | User associated with an application. |
| Okta App Link | okta.application.AppLink | Link | Links related to applications. |
| Okta | okta | Instance | The Okta instance. |
| Okta App Group | okta.application.AppGroup | Group | Groups associated with applications. |
| Okta Applications | okta.application.Applications | Application | A collection of Okta applications. |
| Okta Application | okta.application.Application | Application | A single Okta application. |
| Okta User Factor | okta.application.UserFactor | Factor | Factors associated with a user. |
| Okta Groups | okta.group.Groups | Group | A collection of Okta groups. |
| Okta Group | okta.group.Group | Group | A single Okta group. |
| Okta Policies | okta.policy.Policies | Policy | A collection of Okta policies. |
| Okta Policy | okta.policy.Policy | Policy | A single Okta policy. |
| Okta Policy Rule | okta.policy.PolicyRule | Rule | Rules associated with a policy. |
| Okta User Role | okta.user.Role | Role | A role assigned to a user. |
| Okta Group Role | okta.group.Role | Role | A role assigned to a group. |
| Okta User Type | okta.user.UserType | UserType | Types of users in Okta. |
| Okta Authenticators | okta.authenticator.Authenticators | Authenticator | A collection of Okta authenticators. |
| Okta Authenticator | okta.authenticator.Authenticator | Authenticator | A single Okta authenticator. |
