# One Okta

The NetSPI Platform has a broad integration with One Okta.

Similar to our other integrations, the One Okta integration is read-only and does not perform actions to configure systems or otherwise change anything about your One Okta system.

# Supported asset types

The One Okta integration provides the NetSPI Platform visibility into the following asset types:

• Users
• Systems

# Endpoints used

The following API endpoints are used in this integration.

• api/v1/users
• api/v1/logs
• api/v1/devices

# Required permissions

This integration needs an API key with the following access permissions:

• Read-only Administrator

# Configuration steps

Use the section below for configuring Okta to integrate with the NetSPI Platform.

# Step one: Okta system configuration

Okta attaches the API token to a user. NetSPI recommends that a service account be created for this API token to be attached to.

1. Navigate to Admin -> Settings -> Features and ensure that Custom administrator roles is enabled.

   

2. Navigate to Admin -> Directory -> People -> Add person and create a service account, selecting Save to complete.

   

3. Navigate to Admin -> Security -> Administrators -> Admins and select Add Administrator.

4. Search for the service account you just created above and select it.

5. Under Roles, select Read-only Administrator.

   

6. Select Save Changes when complete.

7. Log out of Okta, and then log back in with the new service account.

8. Navigate to Admin -> API -> Tokens and select the Create Token button.

9. Enter a name for the token, such as "NetspiAppServiceToken", and select Create Token.

   

10. Copy the API token. This will be pasted into the the NetSPI Platform CAASM integration step below.

11. Select OK, got it to save your changes.

# Step two: NetSPI Platform CAASM configuration

Use the steps below to configure the Okta Integration in the NetSPI Platform.

1. Log into the NetSPI Platform as a Client Admin user.

2. Navigate to Settings -> CAASM Integrations to display the Integrations page.

   

3. Select the Integration Library tab -> Integration Categories / Identity and Access Management (IAM) -> Okta Integration.

   

   This brings the Okta integration card into focus.

   Note

   You can also locate the integration card by:

   • Scrolling down the page on the Integration Library tab
   • Filter the integration options displayed by selecting any of the other left navigation choices besides Integration Categories, e.g., by Modules or Integration Scopes (cloud or on premise)
   • Enter the integration name in the Search integration bar

4. Select the Add button on the Okta card to display the Okta integration configuration page.

   

5. Select and enter values for the following fields.

   1. Select the integration type from the Integration drop-down list. In this case, Okta Integration, which is already selected by default.

   2. Select the integration scope from the Scope drop-down list. The Okta integration can only run on a cloud scope, which was configured by NetSPI and Cloud displays as the default value.

   3. Enter an integration name and description in the Integration Name and Description fields.

   4. Select the Enabled slider button to display as either on (blue) or off (light gray).

   5. Enter or copy/paste the Okta host name and API token you created in step 5 of the Step one: Okta system configuration above into the Server and API Token fields.

6. Select Create to create the integration. The new integration now displays on the Applied Integrations tab with its statuses: current and last run, last run time, and status (enabled/disabled).