Okta

Version: 2.1.1

Okta is an integrated identity and mobility management service. Built from the ground up in the cloud, Okta securely and simply connects people to their applications from any device, anywhere, at anytime. Okta integrates with existing directories and identity systems, as well as thousands of on-premises, cloud and mobile applications, and runs on a secure, reliable and extensively audited cloud-based platform.

Connect Okta with LogicHub

  1. Navigate to Automations > Integrations.
  2. Search for Okta.
  3. Click Details, then the + icon. Enter the required information in the following fields.
    • Label: Enter a connection name.
    • Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
    • Verify SSL: Select option to verify connecting server's SSL certificate (Default is Verify SSL Certificate).
    • Remote Agent: Run this integration using the LogicHub Remote Agent.
    • URL: URL to your okta instance
    • API Key: The API key to connect to the Okta.
  4. After you've entered all the details, click Connect.

Actions for Okta

List Users

Lists users in your organization with pagination in most cases. A subset of users can be returned that match a supported filter expression or search criteria.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
Users LimitMaximum number of users to fetch (upper bounded by 100,000).Optional
FilterJinja-templated text containing value of filter as described here. Example: lastUpdated gt "2013-06-01T00:00:00.000Z" and (status eq "{{status1}}" or status eq "{{status2}}")Optional
Include DeprovisionedShould deprovisioned users be included in the listing (True/False). Default value is False.Optional

Output

A JSON object containing user details.

{
   "lastLogin":null,
   "activated":null,
   "statusChanged":null,
   "lastUpdated":"2021-07-07T12:28:17.000Z",
   "passwordChanged":null,
   "has_error":false,
   "id":"00uahr0rjgaMzEj6P357",
   "profile":{
      "email":"[email protected]",
      "firstName":"QA_1",
      "lastName":"QA_1",
      "login":"[email protected]",
      "mobilePhone":"555-415-1337",
      "secondEmail":null
   },
   "error":null,
   "status":"STAGED",
   "type":{
      "id":"oty11af7talMxxxxxxx"
   },
   "credentials":{
      "emails":[
         {
            "status":"VERIFIED",
            "type":"PRIMARY",
            "value":"[email protected]"
         }
      ],
      "provider":{
         "name":"OKTA",
         "type":"OKTA"
      }
   },
   "created":"2021-07-07T12:28:17.000Z",
   "_links":{
      "self":{
         "href":"https://{{OKTA_URL}}/api/v1/users/vgkytv0rjgaMzExxxxx"
      }
   }
}

Lookup User

Get user's identity and access details.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
User Login ID Column NameColumn name from parent table having okta user login id.Required

Suspend User

Suspend a User.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
User Login ID Column NameColumn name from parent table having okta user login id.Required

Deactivate User

Deactivate a User.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
User Login ID Column NameColumn name from parent table having okta user login id.Require

Expire Password

Expires password for a User.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input NameDescriptionRequired
User Login ID Column NameColumn name from parent table having okta user login id.Required
Sets the user's password to a temporary password.Select if you want to set a temporary password. (Default is False)No

Output

A JSON object containing Temporary password if True is set in the input.

{
	"has_error":false,
	"tempPassword":"ke2g5JQj",
	"error":null
}

Or else a JSON object containing details of user

{
   "lastLogin":"2023-12-18T13:05:24.000Z",
   "activated":"2023-01-09T09:09:36.000Z",
   "statusChanged":"2023-12-19T08:30:54.000Z",
   "lastUpdated":"2023-12-19T08:30:54.000Z",
   "passwordChanged":"2023-12-19T08:30:54.000Z",
   "has_error":false,
   "id":"{id}",
   "profile":{
     "mobilePhone":null,
     "firstName":"TEST",
     "lastName":"TEST",
     "secondEmail":null,
     "login":"[email protected]",
     "email":"[email protected]"
   },
   "error":null,
   "status":"PASSWORD_EXPIRED",
   "type":{
     "id":"{id}"
   },
   "credentials":{
     "provider":{
       "type":"OKTA",
       "name":"OKTA"
     },
     "password":{},
     "emails":[
       {
         "status":"VERIFIED",
         "type":"PRIMARY",
         "value":"[email protected]"
       }],
     "recovery_question":{
       "question":"What is the food you least liked as a child?"
     }
   },
   "created": "2023-01-09T09:09:35.000Z",
   "_links":{
     "schema":{
       "href":"https://dev-513990.okta.com/api/v1/meta/schemas/user/osc11af7talMCtvDM357"
     },
     "suspend":{
       "href":"https://dev-513990.okta.com/api/v1/users/{id}/lifecycle/suspend",
       "method":"POST"
     },
     "forgotPassword":{
       "href":"https://dev-513990.okta.com/api/v1/users/{id}/credentials/forgot_password",
       "method":"POST"
     },
     "self":{
       "href":"https://dev-513990.okta.com/api/v1/users/{id}"
     },
     "expirePassword":{
       "href":"https://dev-513990.okta.com/api/v1/users/{id}/lifecycle/expire_password",
       "method":"POST"
     },
     "deactivate":{
       "href":"https://dev-513990.okta.com/api/v1/users/{id}/lifecycle/deactivate",
       "method":"POST"
     },
     "deactivate":{
       "href":"https://dev-513990.okta.com/api/v1/users/{id}/lifecycle/deactivate",
       "method":"POST"
     },
     "changePassword":{
       "href":"https://dev-513990.okta.com/api/v1/users/{id}/credentials/change_password",
       "method":"POST"
     },
     "changeRecoveryQuestion":{
       "href":"https://dev-513990.okta.com/api/v1/users/{id}/credentials/change_recovery_question",
       "method":"POST"
     },
     "type":{
       "href":"https://dev-513990.okta.com/api/v1/meta/types/user/{id}"
     },
     "resetPassword":{
       "href":"https://dev-513990.okta.com/api/v1/users/{id}/lifecycle/reset_password",
       "method":"POST"
     }
   }
}

Release Notes

  • v2.1.1 - New action Expire Password
  • v2.0.0 - Updated architecture to support IO via filesystem
  • v1.1.4 - Added documentation link in the automation library.

© Devo Technology Inc. All Rights Reserved.