Sailpoint IdentityIQ – Configuring Okta Connector
SailPoint Okta Connector will manage user profiles and identity data. SailPoint Okta Connector enables single sign-on authentication across multiple applications and devices. SailPoint Okta Connector manages Users, Groups, Roles and Application using Rest API provided by Okta
In order to configure Sailpoint IdentityIQ with Okta connector, the following high-level steps are required:
– Generate an Okta API Token ( Okta admin console )
An administrative user must be granted an Okta API token for authentication purposes.
– Add new application definition ( Sailpoint IdentityIQ Applications)
In IdentityIQ Okta users are managed as accounts and groups, roles and applications are managed as entitlement.
The following screen-shots highlight the token generation and application configuration:
- First we will generate a new Okta API Token. Login to the Okta admin console, click on Security and select API.
- Select Create Token button
3. On the screen, write the name for the Token
4. Okta will generate a new token number. Copy and past this value to a secure location. We will use this value later during the Sailpoint Okta connector configuration.
5. Once Okta token generated, you will see it in the list of tokens available.
6. Now login to the Sailpoint IdentityIQ as an admin and click on the Applications | Application Definition option.
7. Click Add New Application button
8. On the Sailpoint Details page write down the Okta Lab as application name and select Okta in the application type.
9. Sailpoint IdentityIQ will load the settings related to the Okta connector. Click on the configuration Settings. Paste the URL name for your okta instance name and the token value generated before.
10. Click Test Connection and you should get a Test Successful message.
11. Click Save button to get your basic configuration completed.
12. Now you will see available now the Okta Lab configuration as part of your Application definition list.
We will explore more on the Sailpoint IdentityIQ Okta connector in future posts.