If you're having trouble at any stage please contact us at firstname.lastname@example.org.
The goal of this guide is to add a new SkyFormation's Okta Cloud App Connector to your SkyFormation Platform.
The Okta connector collects data from two data sources
- System Log API - the new API - shown in the application as "logs" endpoint
- Events API - the soon to be deprecated API -o Jan 29 2021 - shown in the application as "events" endpoint
See Okta's deprecation notice
If you have an existing connector, please go to the connector status page (where the endpoints are showed) and make sure that the logs endpoint is active while the events endpoint is stopped. If you're now adding a new cloud connector, please do the same verification after you finish to configure the connector.
Okta information needed for the SkyFormation Okta connector on-boarding
Your organization's Okta URL
- API Token
Follow this guide to get an Okta user's API token. Make sure the user has the following Okta
() View users
() View groups
() View system log
All these permissions are granted to an Okta “Read-Only Admin”
See: Okta security administrators
Firewall/Network connections needed for SkyFormation application
- Open the following services to be approachable from the SkyFormation machine:
On-board SkyFormation for Okta steps
1. Logon to your SkyFormation Platform:
2. Navigate via left navigation panel to "Settings" section
3. Navigate via New Settings left navigation panel to "Accounts" section
4. Click the "Add Account" bottom
5. At the "SELECT SERVICE TO ADD" choose "Okta"
You will see the below screen:
5. Fill in the following information:
- Account Name
Give the Okta account a meaningful name for you. This will become your cloud app connector
name displayed in the application and the events sent to external systems as SIEM/Splunk.
e.g. "Corporate IDaaS service"
Add a text that describes the Okta service account for you.
e.g. "An identity provider as a service for our org SaaS applications SSO needs"
The organization's OKTA URL
- API token
The API token of the Okta user that will be used for the connector API integration needs.
6. Make sure the status of the new Okta connector is OK and green.
Your are done !