Connecting to Okta

Okta is an Identity-as-a-Service (IDaaS) platform, which provides you and your colleagues with access to all other (company) software with one login. Okta is available on your computer, laptop, mobile phone or tablet, allowing you to access your applications anytime and anywhere. Okta helps IT become more secure, make people more productive, and maintain compliance.

Data integration: Skyvia supports importing data to and from Okta, exporting Okta data to CSV files, replicating Okta data to relational databases, and synchronizing Okta data with other cloud apps and relational databases.

Backup: Skyvia Backup does not support Okta.

Query: Skyvia Query supports Okta.

Okta-Specific Features and Limitations

Skyvia has the following limitations for Okta:

  • In the Data Integration product, Okta connections are supported only for packages, which use a new data integration runtime.

    Make sure that the Use new runtime checkbox is selected on the tab bar if you want to use Okta in your package.

  • Skyvia supports the following import (DML) operations for Okta objects:

    INSERT, UPDATE, DELETE: Applications, ApplicationUsers, AuthorizationServers, AuthorizationServerPolicies, AuthorizationServerPoliciyRules, AuthorizationServerClaims, AuthorizationServerScopes, EventHooks, Groups, InlineHooks, MFAEnrollPolicies, OktaSignOnPolicies, SMS_Templates, TrustedOrigins.

    INSERT, DELETE: ApplicationGroups, ClientApplications, EnrolledFactors, GroupMembers, PasswordPolicies, UserRoles.

    INSERT, UPDATE: Users.

    UPDATE, DELETE: IDPDiscoveryPolicies.

    DELETE: GroupRules, IdentityProviders.

    INSERT: LinkedObjects.

  • Skyvia supports Replication with Incremental Updates for such Okta objects: ApplicationCSRs, ApplicationKeyCredentials, Applications, AuthorizationServers, AuthorizationServerPolicies, AuthorizationServerPolicyRules, EnrolledFactors, EventHooks, Groups, GroupRules, InlineHooks, IdentityProviders, IDPDiscoveryPolicies, MFAEnrolledPolicies, OktaSignOnPolicies, SMS_Templates, PasswordPolicies, Schemas, TrustedOrigins, Users, UserRoles.

  • Skyvia supports Synchronization for such Okta objects: Applications, AuthorizationServers, AuthorizationServerPolicies, AuthorizationServerPolicyRules, EventHooks, Groups, InlineHooks, MFAEnrolledPolicies, OktaSignOnPolicies, SMS_Templates, TrustedOrigins, Users.

  • Skyvia does not support the Sessions object.
  • Skyvia does not support Insert/Update operations for the IdentityProviders.
  • Policies object and its peculiarities. We have divided Policies into four separate objects depending on their type: OktaSignOnPolicies, PasswordPolicies, MFAEnrollPolicies, AuthorizationServerPolicies.
  • EnrolledFactors object and its peculiarities. When importing data into this object, one of the required fields is FactorType, which has a set of values. Each of the factors must be first activated for the account. For this, you need to log in to your Okta account as an administrator, select Security -> Multifactor tab and activate the necessary factors from the list on the left. Only after that these types of factors can be used for enroll.

    Depending on the selected FactorType, you need to map the columns of the profile group. They are different for each type. Check it out here. For example, for the “question” type, you need to set Profile_Question and Profile_Answer.

Okta Connections

To connect to Okta, you need to specify your subdomain and API key. To start follow the below steps:

  1. Click +NEW in the top menu.
  2. Click Connection in the menu on the left to open the Select Connector page.
  3. In the opened page, select Okta.
  4. In the Connection Editor page, specify a connection name that will be used to identify the connection.
  5. Enter your Subdomain and API Key.

    Connection Editor window

  6. Finally, click Create Connection to create your Okta connection.

You need to specify the following parameters for your Okta connection:

  • Subdomain — your Okta subdomain name.
  • API Key — an automatically generated API key used for connecting to Okta. It can be found in your Okta account. If you have not created your API Key yet, find how to do it here.

Supported Actions and Actions Specifics

Okta connector supports the following actions: