Skip to main content

Okta

AuthTeams

Summary

Okta is an ownership platform. You can use Okta to drive insights into values such as:

  • Authentication
  • Ownership

For SSO, read our Okta SSO Guide.

Setup

You'll first need to create an API token. Given Okta ties tokens to administrators, your administrator's role will need at the minimum View groups permissions.

  1. Fetch your Okta domain by logging into Okta, and get the prefix in the url. For example, our URL is https://**{cortex}**.okta.com/app/UserHome, where cortex is the prefix.
  2. Create an API token by logging into Okta. You must have administrator privileges for the Okta account in order to generate a token.

Once you've created an API Token, add it under Settings → Okta.

If you do not see the Settings page you're looking for in the sidebar, you likely don't have the proper permissions and need to contact your admin.

Registration

Cortex can pull team memberships from Okta groups.

Catalog Descriptor

You can define the following block in your Cortex Catalog Descriptor to add your Okta group as an owner.
x-cortex-owners:
  - type: group
    name: Engineering # group name in Okta
    provider: OKTA
    description: This is a description for this owner # optional

The group name is case-sensitive and should be exactly the same as in Okta.

Troubleshooting

  1. I've added an API token but the login is still using Google.
    1. The Okta API Token only used for Ownership. See our Okta SSO Guide on how to use Okta for SSO.