Axonius Documentation
Start typing to search…

Okta

Overview

Okta is a cloud-based identity and access management (IAM) platform that provides single sign-on (SSO), multi-factor authentication (MFA), user lifecycle management, and application access control. The Axonius Okta adapter enables visibility into Okta users, groups, roles, applications, and related identity configurations to support security posture management, access audits, and identity governance.

Use cases the adapter solves

The Okta adapter can fetch information regarding enrolled users and their registered applications and permissions. This can be used for access auditing or other related controls.

Types of Assets Fetched

Devices | Users | Application Extensions | Admin Managed Extensions | User Initiated Extensions | Application Add-On | Roles | Groups | Application Settings | Application Extension Instances | Admin Managed Extension Instances | User Initiated Extension Instances | Application Add-On Instances | Application Keys | Activities | SaaS Applications | Accounts/Tenants | Alerts/Incidents | Application Resources | Permissions

Data Retrieved from Okta

  • Devices: Device ID, device type, OS details, compliance status, last sign-in, associated user information.
  • Users: Username, display name, email, status (active/inactive/deprovisioned), group memberships, role assignments, authentication factors, MFA enrollment, last login, custom attributes, profile information.
  • Groups: Group metadata, memberships, group type (Okta-managed, imported, dynamic), assigned applications, rules and policies.
  • Applications and Extensions: Assigned applications, application settings, extensions, add-ons, application resources, permissions, keys, OAuth grants, SSO configurations.
  • Roles and Permissions: Role definitions, role assignments, administrative roles, permissions per role, access scopes.
  • Audit and Activity Logs: User activity, authentication events, session events, administrative changes, security events, API access logs, system logs.
  • Configurations and Policies: Authentication policies, sign-on policies, MFA settings, organization-wide settings, notification settings, security rules.
  • General Fields: Last login timestamp, activity logs, deprovisioned status, enriched identity metadata, real-time updates (if enabled).

Before You Begin

Authentication Methods

The Okta adapter can be connected using one of the following authentication methods:

  • API Key – Recommended for standard read-only connections.
  • OAuth2 – Recommended for secure delegated access, supporting public/private key authentication.

Required Permissions

Roles:
  • Read-Only Administrator
Permissions:
  • okta.users.read
  • okta.groups.read
  • okta.apps.read
  • okta.roles.read
  • okta.logs.read
  • okta.devices.read

More Information About This Adapter

Deploying the Okta Adapter

Advanced Settings

Related Enforcement Actions

Updated 12 days ago