Okta Integration

Updated 1 month ago by Andrew White

Okta connects any person with any application on any device and with atSpoke, you can now trigger Okta actions from within an atSpoke request.

Access to the Okta integration is only available to users on the Plus Plan

Setup in Okta:

This connection requires an API Key. An Okta admin will need to retrieve their API Key in Okta

  1. Click the Security Menu
  2. Select API from the dropdown
  3. On the API page click Create Token
  4. Name the token with something you'll remember - we used atSpoke actions
  1. Copy the API Key to your Clipboard
  2. When you've copied the API key, choose Ok got it

When you have the API key copied, navigate to your atSpoke instance.

Setup in atSpoke

  1. Navigate to Settings
  2. Select the Integrations tab
  3. When you find the Okta tile, choose Connect
  4. Enter your Okta Domain URL
  5. Paste the API Key which you copied from Okta
  6. Select at least one atSpoke team. Any team selected will have the ability to trigger Okta actions in atSpoke. The Okta integration will only show in the Bolt icon if the team was selected when setting up the integration

Once enabled, Admins can either disable or edit the connection to add or remove atSpoke teams directly from the Integrations tab under Settings. 

Only Admins can view, enable, configure, edit, and disable Integrations

Actions

To trigger actions in Okta, click on the Bolt icon in the request sidebar, then choose Okta:

Any admin or team member who can view a request will be able to trigger an action in Okta off of the request. The Requester will not be able to trigger Okta actions or view the actions menu on the atSpoke requests.

Once an Okta action is triggered on an atSpoke request, a message update will be added to the request panel.

Example

Here's an example of using Okta actions to grant software access to a user using atSpoke.

  1. Click the Bolt Icon
  2. Choose Okta
  3. Click Assign individual app to user
  1. Confirm the requester's email address
  2. select the App which you'd like to give access, and click assign

A message will be displayed on the atSpoke request confirming the user was successfully added

Functionality

These bolded terms can be used as Slash commands while in Slack, in addition to choosing the action from the request panel within atSpoke:

  • Remove user from a group: this allows you to remove a user from a new group. We only show groups assigned to the requester. So requester email is not editable.
  • List apps assigned to user: this allows you to list apps assigned to user
  • Assign individual app to user: Allows to assign an app to a user. We only show apps that are not assigned to the requester. So requester email is not editable.
  • Reset user password: this sends an Okta reset password email to the requester
  • Unlock user: useful for security breaches, this unlocks the requester in Okta, so they can continue to sign into third-party applications using Okta SSO
  • Activate user: mostly run during onboarding, this activates the requester and gives them access to any groups they’ve been added to
  • Deactivate user: mostly run during offboarding, this deactivates the requester and removes access to any groups they were previously added to
  • Suspend user: useful for temporary and contract employees or for extended leaves of absence. This suspends a requester from all groups and applications they were previously added to
  • Unsuspend user: useful for temporary and contract employees or for extended leaves of absence. This unsuspends a requester from all groups and applications they were previously added to
  • List enrolled MFA for user: Allows to list requester's enrolled MFAs
  • Reset user factors: this allows you to reset the requester's factors for multi-factor authentication (MFA)
  • Clear all user sessions: Clears out all active user logins


How did we do?


Powered by HelpDocs (opens in a new tab)