Documentation

Okta

Suggest Edits

Create a new app integration

ℹ️

Note

Ensure you are logged in to your Okta account as an administrator.

  1. Within the Okta console, navigate to Applications, and click Create App Integration.
  2. Click API Services, enter the name BT Insights - Connector, and click Save.
    • Okta provides a Client ID under Client Credentials. Save your Client ID for use in Insights.
  3. Navigate to Client Credentials and click Edit.
  4. Select Public key / Private key next to Client authentication.
  5. Select Add key, then Generate new key.
  6. Select PEM under Private key.

ℹ️

Note

Only one key can be active at a time.

  1. Click Copy to clipboard, save your key for use in the next step, and click Done when finished.
  2. Navigate to Okta API Scopes, and grant access to the following:
    • okta.apiTokens.read
    • okta.apps.read
    • okta.groups.read
    • okta.idps.read
    • okta.logs.read
    • okta.policies.read
    • okta.roles.read
    • okta.users.read
    • okta.orgs.read
    • okta.networkZones.read
  3. Navigate to General Settingsand click Edit.
  4. Uncheck Require Demonstration of Proof-of-Possession (DPoP) header in token requests.
  5. When finished, click Save.

Create a new role and resource set

  1. Within the Okta console, navigate to Security, and select Administrators.
  2. Select Roles > Create new role, and provide the role a name of Identity Security Insights.
  3. Under Identity and Access Management, select the View roles, resources, and admin assignments option.
  4. Click Save role.
  5. Navigate to Resources, and select Create new resource set.
  6. Provide the resource set a name of Identity Security Insights.
  7. Click Add resource set.
  8. In the search field, choose Identity and Access Management, and select the following:
    • All Identity and Access Management resources
  9. Click Save resource set.

Add the administrator role to Insights

  1. Navigate to Applications, and select your new BT Insights - Connector app.
  2. Go to Admin Roles > Edit Assignments.
  3. Select the new Identity Security Insights role and Identity Security Insights Resource set.
  4. Click Add assignment.
  5. Select the Read-only Administrator role.
  6. Click Save changes.

Create connector in Insights

  1. Within the Insights Tenant dashboard, navigate to Menu > Connectors > Available and click Create Connector beside Okta.

  2. Provide the following information to connect to Okta:

    • Configuration Name: A human-readable name for your Okta connector.

    • Domain: Your full Okta domain, e.g., subdomain.okta.com.

      If copying your domain from the address bar, remove the -admin ending (e.g., subdomain-admin.okta.com).

    • Client ID: Paste the Client ID provided in your Okta configuration above.

    • PEM Key: Paste the PEM key generated in your Okta configuration above.

  3. Click CREATE CONNECTOR.

Navigate to the Configured Connectors panel (Menu > Connectors > Configured) to confirm that connector creation was successful and review any connector settings.

Updated 18 days ago

©2003-2025 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.