Integrating Okta
Capabilities
DataGrail's Okta integration provides the following capabilities:
Product | Capability | ||||
---|---|---|---|---|---|
Request Manager |
| ||||
Live Data Map | System Detection |
Before You Start
To successfully configure this integration, please ensure you have sufficient privileges:
- DataGrail User Role: Super Admin, Connections Manager
- Okta User Role: Super Admin
This Okta integration is configured separately from your SSO solution. For more details on managing DataGrail SSO with Okta, please see: SSO/SAML Setup: Okta
Create a Read-Only Admin User
Create The User
- Log in to Okta using a Super Admin account.
- Select Directory and People.
- Select Add Person.
- For User type, select User. The remaining fields do not have strict requirements, but we recommend adding details to identify this user as being associated with DataGrail's integration.
- For Password, select Set by admin and enter a secure password.
- Uncheck User must change password on first login and click Save.
Assign Read-Only Admin
- Navigate to Security and then Administrators.
- Select Add Administrator and select the user you just created in the dropdown.
- Under Role, select Read-only Administrator.
- Select Save Changes.
Create an Okta API Key
- Log in to the newly created Okta user account.
- In the upper right-hand corner, select your profile and copy your Okta domain.
- Navigate to Security and then API.
- Select the Tokens tab and then Create token.
- Enter a name for the token and save the Token Value in a secure location.
- Select OK, got it.
Connect to DataGrail
- Navigate back to DataGrail.
- Enter the Okta Domain from Create a an Okta API Key step 2.
- Enter the newly created API Token.
- Select Configure Integration.
Next Steps
Now that you've successfully connected the integration, check out the following resources:
Troubleshooting
If you are unable to successfully connect the integration, review these common troubleshooting steps:
Ensure Required Permissions Are Granted on API Keys/Resources
DataGrail checks required permissions and scopes on API keys/resources used by each integration. If all necessary permissions are not granted, new connections will fail.
Review Required Account Types and User Roles
If users do not have the necessary permissions or the minimum required user role in the connecting system, the connection to DataGrail will fail. Additionally, connections will fail if your account type does not match the one required by the integration.
See Before You Start to review these requirements.
Technical Details
Access Type | Synchronous |
---|---|
Deletion Type | Synchronous |
API Documentation
Learn more about this API implementation and DataGrail functionality in our API Integration Documentation.
Disclaimer: The information contained in this message does not constitute as legal advice. We would advise seeking professional counsel before acting on or interpreting any material.