After you configure the connection between the AlienApp for Okta and the Okta API, the predefined, scheduled job collects event logs from Okta every 20 minutes. After USM Anywhere collects and analyzes the first of these events, the Okta dashboard is available in the Dashboards menu.
Before you can collect and analyze Okta log data within USM Anywhere, you must have an API token that USM Anywhere can use to connect to your Okta environment. Okta issues an API token for a specific user and all requests with that token act on behalf of that user.
Important: You must have Okta Super Administrator or Org Administrator privileges to generate a valid API token for integration with the AlienApp for Okta. See their Administrators article for more information about administrator privileges in Okta.
To acquire the Okta API token
- Open your Okta administration dashboard with your user login.
- Select Security > API.
- At the top of the page, click Create Token.
In the dialog box, enter a name for the token and click Create Token.
The name should indicate the intended use for the token, such as USM-Anywhere.
Okta generates the unique token and displays the value in the dialog box.
Copy the Token value to your clipboard or an encrypted text file and click OK, got it.
The list in the page includes your new token.
Note: If you (or another administrator) revoke this token and create a new one, you must also update the settings for the AlienApp for Okta in USM Anywhere.
After you generate an Okta API token and copy the value, you're ready to enable the AlienApp for Okta in USM Anywhere.
- In USM Anywhere, go to Data Sources > Integrations.
Click the AlienApps tab.
On the AlienApps page, click the Okta tile.
The Status tab is displayed, but the status information indicates an error until the AlienApp for Okta is configured.
If you have more than one deployed USM Anywhere Sensor, select the Sensor that you want to use for the enabled AlienApp.
USM Anywhere AlienApps operate through a deployed Sensor and use APIs to integrate with the connected third-party technology. Select the Sensor that can access the integration endpoint. The HTTPS connections to the API will originate from this Sensor.
- Click the Settings tab.
Enter the connection information to access the API for your Okta environment:
- Okta URL: Enter the URL that you use to access your Okta environment.
- Okta API Token: Click Change API token and enter the API token value that you copied when you created the token.
- Click Save.
Click the Status tab to verify the connection.
If the icon appears, there is a problem with the connection. The Message column provides information about the issue. Repeat the steps to fix the configuration or troubleshoot your Okta connection.