Okta
Version: 2.1.1
Okta is an integrated identity and mobility management service. Built from the ground up in the cloud, Okta securely and simply connects people to their applications from any device, anywhere, at anytime. Okta integrates with existing directories and identity systems, as well as thousands of on-premises, cloud and mobile applications, and runs on a secure, reliable and extensively audited cloud-based platform.
Connect Okta with LogicHub
- Navigate to Automations > Integrations.
- Search for Okta.
- Click Details, then the + icon. Enter the required information in the following fields.
- Label: Enter a connection name.
- Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
- Verify SSL: Select option to verify connecting server's SSL certificate (Default is Verify SSL Certificate).
- Remote Agent: Run this integration using the LogicHub Remote Agent.
- URL: URL to your okta instance
- API Key: The API key to connect to the Okta.
- After you've entered all the details, click Connect.
Actions for Okta
List Users
Lists users in your organization with pagination in most cases. A subset of users can be returned that match a supported filter expression or search criteria.
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
| Input Name | Description | Required |
|---|---|---|
| Users Limit | Maximum number of users to fetch (upper bounded by 100,000). | Optional |
| Filter | Jinja-templated text containing value of filter as described here. Example: lastUpdated gt "2013-06-01T00:00:00.000Z" and (status eq "{{status1}}" or status eq "{{status2}}") | Optional |
| Include Deprovisioned | Should deprovisioned users be included in the listing (True/False). Default value is False. | Optional |
Output
A JSON object containing user details.
{
"lastLogin":null,
"activated":null,
"statusChanged":null,
"lastUpdated":"2021-07-07T12:28:17.000Z",
"passwordChanged":null,
"has_error":false,
"id":"00uahr0rjgaMzEj6P357",
"profile":{
"email":"[email protected]",
"firstName":"QA_1",
"lastName":"QA_1",
"login":"[email protected]",
"mobilePhone":"555-415-1337",
"secondEmail":null
},
"error":null,
"status":"STAGED",
"type":{
"id":"oty11af7talMxxxxxxx"
},
"credentials":{
"emails":[
{
"status":"VERIFIED",
"type":"PRIMARY",
"value":"[email protected]"
}
],
"provider":{
"name":"OKTA",
"type":"OKTA"
}
},
"created":"2021-07-07T12:28:17.000Z",
"_links":{
"self":{
"href":"https://{{OKTA_URL}}/api/v1/users/vgkytv0rjgaMzExxxxx"
}
}
}
Lookup User
Get user's identity and access details.
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
| Input Name | Description | Required |
|---|---|---|
| User Login ID Column Name | Column name from parent table having okta user login id. | Required |
Suspend User
Suspend a User.
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
| Input Name | Description | Required |
|---|---|---|
| User Login ID Column Name | Column name from parent table having okta user login id. | Required |
Deactivate User
Deactivate a User.
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
| Input Name | Description | Required |
|---|---|---|
| User Login ID Column Name | Column name from parent table having okta user login id. | Require |
Expire Password
Expires password for a User.
Input Field
Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.
| Input Name | Description | Required |
|---|---|---|
| User Login ID Column Name | Column name from parent table having okta user login id. | Required |
| Sets the user's password to a temporary password. | Select if you want to set a temporary password. (Default is False) | No |
Output
A JSON object containing Temporary password if True is set in the input.
{
"has_error":false,
"tempPassword":"ke2g5JQj",
"error":null
}
Or else a JSON object containing details of user
{
"lastLogin":"2023-12-18T13:05:24.000Z",
"activated":"2023-01-09T09:09:36.000Z",
"statusChanged":"2023-12-19T08:30:54.000Z",
"lastUpdated":"2023-12-19T08:30:54.000Z",
"passwordChanged":"2023-12-19T08:30:54.000Z",
"has_error":false,
"id":"{id}",
"profile":{
"mobilePhone":null,
"firstName":"TEST",
"lastName":"TEST",
"secondEmail":null,
"login":"[email protected]",
"email":"[email protected]"
},
"error":null,
"status":"PASSWORD_EXPIRED",
"type":{
"id":"{id}"
},
"credentials":{
"provider":{
"type":"OKTA",
"name":"OKTA"
},
"password":{},
"emails":[
{
"status":"VERIFIED",
"type":"PRIMARY",
"value":"[email protected]"
}],
"recovery_question":{
"question":"What is the food you least liked as a child?"
}
},
"created": "2023-01-09T09:09:35.000Z",
"_links":{
"schema":{
"href":"https://dev-513990.okta.com/api/v1/meta/schemas/user/osc11af7talMCtvDM357"
},
"suspend":{
"href":"https://dev-513990.okta.com/api/v1/users/{id}/lifecycle/suspend",
"method":"POST"
},
"forgotPassword":{
"href":"https://dev-513990.okta.com/api/v1/users/{id}/credentials/forgot_password",
"method":"POST"
},
"self":{
"href":"https://dev-513990.okta.com/api/v1/users/{id}"
},
"expirePassword":{
"href":"https://dev-513990.okta.com/api/v1/users/{id}/lifecycle/expire_password",
"method":"POST"
},
"deactivate":{
"href":"https://dev-513990.okta.com/api/v1/users/{id}/lifecycle/deactivate",
"method":"POST"
},
"deactivate":{
"href":"https://dev-513990.okta.com/api/v1/users/{id}/lifecycle/deactivate",
"method":"POST"
},
"changePassword":{
"href":"https://dev-513990.okta.com/api/v1/users/{id}/credentials/change_password",
"method":"POST"
},
"changeRecoveryQuestion":{
"href":"https://dev-513990.okta.com/api/v1/users/{id}/credentials/change_recovery_question",
"method":"POST"
},
"type":{
"href":"https://dev-513990.okta.com/api/v1/meta/types/user/{id}"
},
"resetPassword":{
"href":"https://dev-513990.okta.com/api/v1/users/{id}/lifecycle/reset_password",
"method":"POST"
}
}
}
Release Notes
v2.1.1- New actionExpire Passwordv2.0.0- Updated architecture to support IO via filesystemv1.1.4- Added documentation link in the automation library.
Updated 11 months ago