Okta Integration

Suggest Edits

Okta is the leading independent identity provider. The Okta Identity Cloud enables organizations to securely connect the right people to the right technologies at the right time. Okta provides simple and secure access to people and organizations everywhere, giving them the confidence to reach their full potential.

Authenticating

Okta uses API Key based auth, a developer-friendly delegated access protocol. Quolum has already connected the necessary wires with Okta. Using a sequence of click-throughs, your organization's administrator allows Quolum to make API calls to Okta without getting access to passwords. Note: To fetch users from Okta, the below connection needs to be done irrespective of signup flow.

Step 1: Initiate a connection to Okta

Click the Connect button from the Connections card. If you are not an admin, you can invite your organization's Okta admin to make a connection to your Okta organization account. When you click on the Connect button, the web browser will navigate to the Okta login page.

1060

Quolum Catalog: Okta App

Step 2: Log in to Okta

Log in to Okta using your organization's credentials. The exact login mechanism may depend on your Okta plan, and the sign-in mechanism used. You may have corporate SSO such as Azure AD, GSuite, or Okta along with multi-factor authentication. Once you have successfully logged-in you can find the API Key and API Secret as mentioned below in Step 3.

472

Okta Authentication

Step 3: Finding the Credentials

Follow the steps outlined in the Okta documentation to create a new API token.

  1. Log in into your Okta account as a Super Admin. This allows the privilege to create a Token for API access.

  2. Go to Security > API and click Create Token. Give the token a name (for example, Quolum)

1920

Okta API Token

  1. Domain is the first part of your url once you log in into Okta. It is generally followed by .okta.com. The general format of the Domain is of the form - .okta.com. An example is shown below. The highlighted part is the in the below example
750

Okta Domain

Step 4: Back to Quolum

Once you have granted access to Quolum, Okta is going to send you back to Quolum's page in Step 1, where you started. The Connect button on the Connections card would now say Reconnect. Reconnect is used to reauthenticate under circumstances where the access has expired.

Under the hood

Using the OAuth protocol, Quolum now has delegated access to your Okta Workspace. The Quolum server, running on Amazon AWS VPC, will be able to make API calls and retrieve feature-level utilization. Later, this data is crunched and available for visualization on the Quolum dashboard.

Updated 2 months ago