Integrating Okta with SecurityCoach
In this article, you will learn how to integrate Okta with SecurityCoach. Once you set up this integration, data provided by Okta will be available under the SecurityCoach tab of your KMSAT console. This data can be viewed in SecurityCoach reports and used to create detection rules for real-time coaching campaigns.
Click the links below to learn how to integrate Okta with SecurityCoach. For general information about SecurityCoach, see our SecurityCoach Product Manual.
Create Your Okta API Token
Before you can set up this integration in your KMSAT console, you will need to create a read-only administrator account. Then, you will need to create an API token using this new account.
To jump to the article subsection for each of these steps, click the links below:
Create a Read-Only Administrator Account
First, you will need to create a read-only administrator account for Okta. To create the account, follow the steps below:
- Log in to your Okta console.
- Navigate to Directory > People.
- Click Add person.
- In the Add Person pop-up window that opens, enter the details for the new user.
- Click Save to create the new user.
- Navigate to Security > Administrators.
- Click + Add administrator.
- Fill out the fields on the Administrator assignment by admin page. For more information about these fields, see below:
- Admin: Select the user you created in step 5 above.
- Role: Select Read-only Administrator.
- Click Save Changes to create the new administrator account.
Create Your API Token
After you have created a read-only administrator account, you can create your API token.
To create your API token, follow the steps below:
- Log in to your Okta console with the read-only administrator account you created in the Create a Read-Only Administrator Account section above.
- Navigate to Security > API.
- Select the Tokens tab.
- Click Create Token.
- Enter a name for the token.
- Click Create Token. Once you click this button, your token will display.
Important: Make sure to copy this token and save it in a place that you can easily access later. You will need this token during the setup process in the Set Up the Integration in KMSAT section below.
- Once you have saved your token, click the OK, got it button to close the window.
Once you have your API token, you can continue the setup process in your KMSAT console.
Set Up the Integration in Your KMSAT Console
Once you've created your Okta API token, you can set up the integration in your KMSAT console. To set up the integration in your KMSAT console, follow the steps below:
- Log in to your KMSAT console and navigate to SecurityCoach > Setup.
- In the Available Integrations section, locate the Okta card and click Configure.
- Paste your API token in the API Token field. This is the API token that you created in the Create Your API Token section above.
- In the API Domain field, enter your organization's unique Okta domain.
Note: If you do not know your Okta domain, you can locate it by following the steps in Okta's Find your Okta Domain article. If you need to access your Okta account to locate your domain, please open a separate window to log in to your Okta account.
- Click Authorize.
Map Your Users
After you’ve finished integrating Okta, you can map your users either through mapping rules (recommended) or through a CSV file upload. For more information about user mapping, see our Mapping Users in SecurityCoach article.
Once you’ve successfully authorized this integration, you can manage detection rules for Okta on the Detection Rules subtab of SecurityCoach. For a full list of available system detection rules for this vendor, see our Which Detection Rules Can I Use with My Vendors? article.