Skip to main content

Integrating Okta

Capabilities

DataGrail's Okta Integration provides the following capabilities:

ProductCapability
Request Manager
Request TypesAccess, Deletion
Identifier CategoriesEmail
Live Data MapSystem Detection

Before You Start

To successfully configure this integration, please ensure you have sufficient privileges:

  • DataGrail User Role: Super Admin, Connections Manager
  • Okta User Role: Super Admin
Okta as an SSO Solution

This Okta integration is configured separately from your SSO solution. For more details on managing DataGrail SSO with Okta, please see: SSO/SAML Setup: Okta

Create a Read-Only Admin User

Create The User

  1. Log in to Okta using a Super Admin account.
  2. Select Directory and People.
  3. Select Add Person.
  4. For User type, select User. The remaining fields do not have strict requirements, but we recommend adding details to identify this user as being associated with DataGrail's integration.
  5. For Password, select Set by admin and enter a secure password.
  6. Uncheck User must change password on first login and click Save.

Assign Read-Only Admin

  1. Navigate to Security and then Administrators.
  2. Select Add Administrator and select the user you just created in the dropdown.
  3. Under Role, select Read-only Administrator.
  4. Select Save Changes.

Create an Okta API Key

  1. Log in to the newly created Okta user account.
  2. In the upper right-hand corner, select your profile and copy your Okta domain. Copy your Okta domain
  3. Navigate to Security and then API.
  4. Select the Tokens tab and then Create token.
  5. Enter a name for the token and save the Token Value in a secure location.
  6. Select OK, got it.

Connect to DataGrail

  1. Navigate back to DataGrail.
  2. Enter the Okta Domain from Create a an Okta API Key step 2.
  3. Enter the newly created API Token.
  4. Select Configure Integration.

Next Steps

Now that you've successfully connected the integration, check out the following resources:

Troubleshooting

If you are unable to successfully connect the integration, review these common troubleshooting steps:

Ensure Required Permissions Are Granted on API Keys/Resources

DataGrail checks required permissions and scopes on API keys/resources used by each integration. If all necessary permissions are not granted, new connections will fail.

Review Required Account Types and User Roles

If users do not have the necessary permissions or the minimum required user role in the connecting system, the connection to DataGrail will fail. Additionally, connections will fail if your account type does not match the one required by the integration.

See Before You Start to review these requirements.

Technical Details

Access TypeSynchronous
Deletion TypeSynchronous

API Documentation

Learn more about this API implementation and DataGrail functionality in our API Integration Documentation.

 

Need help?
If you have any questions, please reach out to your dedicated CSM or contact us at support@datagrail.io.

Disclaimer: The information contained in this message does not constitute as legal advice. We would advise seeking professional counsel before acting on or interpreting any material.