Skip to main content




Okta is an ownership platform. You can use Okta to drive insights into values such as:

  • Authentication
  • Ownership


You'll first need to create an API token which has access to list groups and view group memberships.

  1. Fetch your Okta domain by logging into Okta, and get the prefix in the url. For example, our URL is https://**{cortex}**, where cortex is the prefix.
  2. Create an API token by logging into Okta. You must have administrator privileges for the Okta account.

Once you've created an API Token, and add it under Settings → Okta.


This API key is NOT used for SSO. For SSO, read our Okta SSO Guide.

Service Registration

Cortex can pull team memberships from Okta groups.

Service Descriptor

You can define the following block in your Cortex Service Descriptor to add your Okta group as a service owner.
- type: group
name: Engineering # group name in Okta

The group name is case-sensitive and should be exactly the same as in Okta.


  1. I've added an API token but the login is still using Google.
    1. The Okta API Token only used for Ownership. See our Okta SSO Guide on how to use Okta for SSO.