Setting Up Integrations

Share

Is this article helpful?

Last updated:

Okta Integration Guide for SecurityCoach

In this article, you'll learn how to integrate Okta with SecurityCoach. Once you set up this integration, data provided by Okta will be available under the SecurityCoach tab of your KSAT console. This data can be viewed in SecurityCoach reports and used to create detection rules for real-time coaching campaigns.

For general information about SecurityCoach, see our SecurityCoach Product Manual.

Tip:SecurityCoach also supports integrating Okta as a Splunk vendor. If your organization uses Splunk for security information and event management, we recommend integrating through Splunk instead by following our Splunk Integrations Guide for SecurityCoach.

Setting Up the Integration in Okta

Before you can set up this integration in your KSAT console, you'll need to create a read-only administrator account in Okta and create an API token.

Creating a Read-Only Administrator Account

First, you'll need to create a read-only administrator account for Okta. To create the account, follow the steps below:

  1. Log in to your Okta console.
  2. Navigate to Directory > People.
  3. Select Add person. A pop-up window will open.
  4. In the Add Person pop-up window, enter your preferred details for this new account.
  5. Select Save to create the new account.
  6. Navigate to Security > Administrators.
  7. Select +Add administrator.
  8. In the Administrator assignment by admin page, select the following options:
    1. Admin: Select the account you created earlier.
    2. Role: Select Read-only Administrator.
  9. Select Save Changes to create the new administrator account.

Creating Your API Token

To create your API token, follow the steps below:

  1. Log in to your Okta console using your new read-only administrator account.

  2. Navigate to Security > API.

  3. Select the Tokens tab.

  4. Select Create Token.

  5. Enter your preferred name for the token.

  6. Select Create Token to display your new token.

    Important:Make sure to copy this token and save it in a place that you can easily access later. You'll need this token for the Setting Up the Integration in KSAT section.
  7. Once you have saved your token, select OK, got it to close the window.

Setting Up the Integration in KSAT

To set up the integration in your KSAT console, follow the steps below:

  1. Log in to your KSAT console.
  2. Navigate to SecurityCoach > Setup.
  3. In the Available Integrations section, locate the Okta card and select Configure > Direct Integration.
  4. Paste the API token you created earlier into the API Token field.

  5. In the API Domain field, enter your organization's unique Okta domain.

    Note: If you do not know your Okta domain, use Okta's Find your Okta Domain Find your Okta Domain (link opens in new window) article to locate the domain.
  6. Select Authorize.

Mapping Your Users

After you’ve finished integrating Okta, we recommend mapping your users through mapping rules or through a CSV file upload. For more information, see our Map Users in SecurityCoach article.

Once you’ve successfully authorized this integration, you can manage detection rules for Okta in the Detection Rules subtab of SecurityCoach. For a full list of available system detection rules for Okta, see our System Detection Rules by Vendor article.

Was this article helpful?

2 out of 2 found this helpful

Can't find what you're looking for?

Contact Support