Okta SaaS Ops Integration

Auvik SaaS Management’s integration with Okta allows you to automate common employee lifecycle tasks - granting and revoking access to the applications when needed to ensure compliance and give techs time to work on higher value tasks. 

Prerequisites

Before installing the Okta integration, ensure that you have:

• Required Auvik SaaS permissions to install integrations
  • From the Partner Hub: Default Admin
  • From the Client Hub: Client Admin
• A valid account for Okta with any necessary administrative privileges required
• An active subscription for Okta
• Any necessary API keys or access tokens (as applicable)

We recommend using a dedicated account with all integrations. This allows you to set a role with minimal permissions. The integration will stop working if this user’s account in Okta is deactivated.

Generating an API Key

1. Log in to your Okta Admin Console
2. Navigate to Security > API > Tokens
3. Select Create token
4. Enter a Name, such as SaaS Ops and Any IP in the API calls drop down

5. Copy and store the Token Value in a safe place, this will only be available once and is required for Configuration and Setup
6. Select OK, got it.

Generating a Client ID and Private Key

1. Log in to your Okta Admin Console
2. Navigate to Applications > Applications

3. Select Create App Integration

4. Select API Services
5. Select Next

5. Enter a Name, such as SaaS Ops
6. Within the General Tab
   1. Edit the Client Credentials to select Public key / Private key

2. Within Public Keys, select Add key
3. Select Generate New Key

3. Under Private Key, select PEM
4. Copy to Clipboard
5. Select Done.
   • Note: This key will not be available once the window is closed - ensure it is stored in a safe place as it will be required during Configuration and Setup

4. Under General Settings, select Edit
5. Deselect Proof of possession
6. Click Save

7. Within the Okta API Scopes Tab grant the following permissions;
   1. Okta.logs.read
   2. Okta.schemas.read

8. Within the Admin roles, ensure you have a Super Admin assigned
   1. Select Edit Assignments
   2. Select Super Admin
   3. Save Changes

Configuration & Setup

The Okta integration can be configured using Client credentials or API key. 

If Authenticating using Client credentials

1. Navigate to the Okta SaaS Ops Integration
   1. From the Partner Hub > Org Preferences > Integrations > Clients Tab
   2. From the Admin Hub > Utilities > SaaS Ops Integrations
2. Select Configure
3. Input your Okta Domain including the .com, Client ID and Private Key
   • Note: Ensure the Private Key is pasted in PEM format 

4. Select Connect

If you have configured the integration successfully you will be taken back to Auvik Saas Management and the Integration will showcase as Connected. 

If using API Key

1. Navigate to the Okta SaaS Ops Integration
   1. From the Partner Hub > Org Preferences > Integrations > Clients Tab
   2. From the Admin Hub > Utilities > SaaS Ops Integrations
2. Select API Key
3. Input your Okta domain, ensuring to include the full address including .com
4. Input the API Key provided during the creation process

If you have configured the integration successfully you will be taken back to Auvik SaaS Management and the Integration will showcase as Connected. 

How to Leverage Box with SaaS Ops

Review step by step instructions and any additional information specific to this integration including some FAQs. 

1. Onboarding
2. Offboarding

Available Functionality

Offboarding

• Deactivate User: Disable the user account
• Suspend User
• Delete User: Permanently delete the user account

Onboarding

• Add User
• Activate User