Setup Okta Integration
Updated over 5 months ago

Overview:

This guide provides a step-by-step process of integrating Okta with Axiom Security.

Prerequisites:

In order to complete this integration you will need the following:

  1. Axiom Tenant admin access

  2. Okta Organization URL

  3. Okta API token

Quick Summary:

  • Configure the Appropriate Administrator Role

  • Create Okta API Token

  • Onboard the obtained details in Axiom Web Application

Configure the Appropriate Administrative Role

Full Functionality API Token

This token provides comprehensive access to all Okta resources, enabling users to manage Users, Groups, Applications, and Role Assignments.

Required Permissions:

  • Users Management: okta.users.manage

  • Groups Management: okta.groups.manage

  • Applications Management: okta.apps.manage

  • Role Assignments: okta.roles.manage

Creation Guide:

  1. Log in to Okta Admin Dashboard using a Super Administrator user.

  2. Move on to the "Create an API Token with Okta" section.


Limited Functionality API Tokens (Read-Only)

This token provides restricted read-only access, limited to viewing Users, Groups, Applications, and Role Assignments.

Required Permissions:

  • Users Read-Only: okta.users.read

  • Groups Read-Only: okta.groups.read

  • Applications Read-Only: okta.apps.read

  • Role Assignments Read-Only: okta.roles.read

Creation Guide:

Full Functionality:

  1. Log in to Okta Admin Dashboard using a Super Administrator user.

Read-Only:

  1. Log in to Okta Admin Dashboard using a Super Administrator user or a user with permissions to manage roles and API tokens.

  2. Navigate to Security → Administrators to manage administrator roles.

  3. Assign a Role to a User:

    • Click on “Add Administrator” to assign a role to a user who will be creating the API token.

    • Search and select the user.

    • Create a custom admin role with specific permissions by clicking on “Add Role” and then “Create New Role.” Name the role and select permissions:

      • User Management: For full support: okta.users.manage; for read-only: okta.users.read

      • Group Management: For full support: okta.groups.manage; for read-only: okta.groups.read

      • Application Management: For full support: okta.apps.manage; for read-only: okta.apps.read

      • Role Assignments: For full support: okta.roles.manage; for read-only: okta.roles.read

  4. Save the role and assign it to the user.

  5. Log in to Okta Admin Dashboard using the user.

  6. Move on to the "Create an API Token with Okta" section.


Create an API token in Okta:

  1. Go to the admin console ({domain}-admin.okta.com).

  2. On the side bar, go to Security → API.

  3. Go to the “Tokens” tab, and click on “Create Token”.

  4. Name the token as you wish (preferably mention that this token is used for the Axiom integration), and click on “Create Token”.

  5. Copy the token value and keep it to create the integration on the Axiom side.

💡 For more information on Okta API tokens please refer to Okta documentation here: https://developer.okta.com/docs/guides/create-an-api-token/main/#okta-api-tokens
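Before pasting the token into Axiom, it can be checked against the four resource types listed above with read-only requests. The script below is an added example, not part of the original guide or of Axiom's or Okta's tooling. It assumes the probe paths from Okta's public API reference, that each is gated by the matching permission from this guide, and that the organization uses a plain {domain}.okta.com hostname; the function names and the OKTA_TOKEN variable are illustrative.

```python
import json
import os
import re
import sys
import urllib.error
import urllib.request

# Read-only probes, one per resource type in this guide (assumed mapping).
PROBES = {
    "users": "/api/v1/users?limit=1",
    "groups": "/api/v1/groups?limit=1",
    "apps": "/api/v1/apps?limit=1",
    "roles": "/api/v1/iam/roles",
}

def normalize_org_domain(value):
    """Return '{domain}.okta.com' from a pasted URL or hostname.

    The admin console is {domain}-admin.okta.com, but the integration
    form expects {domain}.okta.com, so a '-admin' suffix is stripped.
    """
    host = re.sub(r"^https?://", "", value.strip().lower()).split("/")[0]
    m = re.fullmatch(r"([a-z0-9][a-z0-9-]*?)(-admin)?\.okta\.com", host)
    if not m:
        raise ValueError(f"not an okta.com organization domain: {value!r}")
    return f"{m.group(1)}.okta.com"

def classify(status):
    """Map a probe's HTTP status to what it says about the token."""
    return {200: "ok", 401: "token invalid or revoked",
            403: "role lacks permission"}.get(status, f"unexpected HTTP {status}")

def preflight(org, token):
    """Send each read-only probe with the SSWS token; return {resource: verdict}."""
    domain, results = normalize_org_domain(org), {}
    for name, path in PROBES.items():
        req = urllib.request.Request(
            f"https://{domain}{path}",
            headers={"Authorization": f"SSWS {token}", "Accept": "application/json"})
        try:
            with urllib.request.urlopen(req, timeout=10) as resp:
                results[name] = classify(resp.status)
        except urllib.error.HTTPError as err:
            results[name] = classify(err.code)
    return results

if __name__ == "__main__":
    # The token is read from the environment so it stays out of shell history.
    print(json.dumps(preflight(sys.argv[1], os.environ["OKTA_TOKEN"]), indent=2))
```

Run it as `OKTA_TOKEN=... python preflight.py {domain}.okta.com`; any resource that does not report "ok" points to a missing permission on the role assigned to the token's user.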

Axiom Side:

  1. Create the Axiom Okta Integration:

    1. Go to the Axiom application, and navigate to the integrations page.

    2. Click on “Add Okta integration”.

    3. Choose a name for the integration and click Continue.

    4. Fill in the organization domain ({domain}.okta.com) and the API key from section 1, and click Integrate.
