Source Configuration for Okta Importer
Okta API Connection Configuration
To integrate with Okta, an application must be registered. Once you register the application, you can fill in the Site, Client ID, Key ID (Kid), and Private Key (PEM) values.
You will need help from the Okta Admin in your organization for the following configuration.
Access your Okta portal by logging in, then navigate to the admin menu and select the applications page at the following link: https://your-site.okta.com/admin/apps/active.
Click on the “Create App Integration” button.
Select “API Services” and click Next.
Set the name “Okta Importer for JSM Assets” and click the Save button.
Store the Client ID in a secure place. Click on the Edit link and set the Client authentication to Public key / Private key.
Then click the “Add key” button to add a key.
Click on the “Generate a new key” link.
Copy the KID property of the Public Key and keep it in a secure place.
Click on PEM and copy the Private Key by clicking “Copy to clipboard”. Save the auto-generated Private Key - PEM text in a secure place.
Click the “Save” button to save your changes to the “Client Credentials”.
The General Settings would look like the following.
Make sure that Proof of possession is disabled. Sometimes it is enabled by default. If that is the case, please disable it.
Click the “Okta API Scopes” tab and grant the following scopes for your application configuration:
okta.apps.read
okta.devices.read
okta.groups.read
okta.userTypes.read
okta.users.read
If you don't see the scope for Devices, your environment may not have the Devices feature enabled. In that case, please disable the "Devices" object type in the Admin Tab.
The final configuration should resemble the following:
Click on the “Admin roles” tab. Select the “Edit assignments” button. Select the “Read-only Administrator” role and remove the other roles if there are any. Click the “Save Changes” button.
You can explore additional roles that may suit your needs. For more information on the available roles, please refer to the Okta documentation:
https://help.okta.com/en-us/content/topics/security/administrators-admin-comparison.htm
As a result, the “Admin Roles” tab should appear as follows.
Navigate to your JSM site and launch the Okta Importer for JSM Assets application. Next, click on the Source tab and select the “+” button.
Enter the required values for Site, Client Id, Key ID - (KID), and Private Key - PEM. Once you have filled in these fields, click the “Add Source” button to proceed.
Now configure the Destination.
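The four Source values combine into a signed client assertion whenever a token is requested from Okta. The following is an added example, not the importer's own code: it follows Okta's documented private_key_jwt flow against /oauth2/v1/token, assumes Site is the bare hostname (for example your-site.okta.com), and uses a throwaway key pair with placeholder Client ID and KID values.

```javascript
// Added example (not the importer's own code): builds the private_key_jwt client
// assertion for an Okta API Services app and the client_credentials request body.
const crypto = require('node:crypto');
const b64url = (v) => Buffer.from(v).toString('base64url');

// Assumption: site is the bare Okta hostname; the other fields are the Source tab values.
function buildClientAssertion({ site, clientId, kid, privateKeyPem }, now = Date.now()) {
  const iat = Math.floor(now / 1000);
  const header = { alg: 'RS256', kid }; // kid tells Okta which registered public key to use
  const claims = {
    iss: clientId,
    sub: clientId,
    aud: `https://${site}/oauth2/v1/token`,
    iat,
    exp: iat + 300, // keep the assertion short-lived
    jti: crypto.randomUUID(), // unique identifier per assertion
  };
  const signingInput = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(claims))}`;
  const signature = crypto.sign('sha256', Buffer.from(signingInput), privateKeyPem);
  return `${signingInput}.${signature.toString('base64url')}`;
}

// Form body for the token request; nothing is sent over the network here.
function buildTokenRequest(cfg, scopes) {
  return new URLSearchParams({
    grant_type: 'client_credentials',
    scope: scopes.join(' '),
    client_assertion_type: 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',
    client_assertion: buildClientAssertion(cfg),
  }).toString();
}

// Local check that an assertion names the expected kid and verifies under its public key.
function verifyAssertion(jwt, publicKeyPem, expectedKid) {
  const [h, c, s] = jwt.split('.');
  const header = JSON.parse(Buffer.from(h, 'base64url').toString());
  if (header.alg !== 'RS256' || header.kid !== expectedKid) return false;
  return crypto.verify('sha256', Buffer.from(`${h}.${c}`), publicKeyPem, Buffer.from(s, 'base64url'));
}

// Constructed sample values: throwaway key pair and placeholder identifiers.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', {
  modulusLength: 2048,
  publicKeyEncoding: { type: 'spki', format: 'pem' },
  privateKeyEncoding: { type: 'pkcs8', format: 'pem' },
});
const sampleConfig = { site: 'your-site.okta.com', clientId: 'EXAMPLE_CLIENT_ID', kid: 'EXAMPLE_KID', privateKeyPem: privateKey };
const sampleScopes = ['okta.apps.read', 'okta.devices.read', 'okta.groups.read', 'okta.userTypes.read', 'okta.users.read'];
console.log(verifyAssertion(buildClientAssertion(sampleConfig), publicKey, sampleConfig.kid));
```

The request built here carries no DPoP header, so with real values it only succeeds when Proof of possession is disabled on the application.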