You can integrate Okta with Openpath to import and sync users automatically.
NOTE: To enable this feature, you must have administrative privileges in your Okta account. We recommend using a dedicated service account that uses only the “Group” role as that role contains only the permissions that Openpath requires to synchronize your users and groups.
- Under Integrations > All Integrations, click on the Okta integration tile.
- Enter your API URL. This should be the Okta domain for your organization, prefixed with https://, for example, https://yourcompanyname.okta.com.
- Enter an API Key. First you’ll need to generate an Okta API Key (Token) associated with the Okta service account you have created for this integration. Ideally you should create a dedicated API Key to be used only with the Openpath integration, so that you have control over the lifecycle of this integration.
NOTE: Once you save the API Key, Openpath does not use or otherwise expose the API Key anywhere except when using it to call Okta to synchronize users and groups.
- After saving the API key, you can enable the following settings:
- Auto-sync every 1 hour – this will sync Openpath with Okta once every hour.
- Auto-create mobile credential – this will create a mobile credential for every user.
- Auto-create cloud key credential – this will create a cloud key credential for every user.
- Auto-assign to groups – this lets you assign Okta groups to groups you’ve created in Openpath.
- Auto-remove users from groups – this will remove users from Openpath groups if they no longer exist in Okta groups.
- Only import users from groups that have an Openpath group mapping – if this is enabled, no users will be imported from Okta if they are not assigned to an Openpath group.
After saving, you now have the option to Manually Sync. You can perform this action at any time by clicking the Sync icon on the lower righthand corner.