Document toolboxDocument toolbox

Okta

Owned by Jonas Gonzalez
Last updated: Nov 29, 2024
4 min read
[ 1 Connect Okta with Devo SOAR ] [ 2 Actions for Okta ] [ 2.1 List Users ] [ 2.1.1 Input Field ] [ 2.1.2 Output ] [ 3 Release Notes ]

Okta is an integrated identity and mobility management service. Built from the ground up in the cloud, Okta securely and simply connects people to their applications from any device, anywhere, at anytime. Okta integrates with existing directories and identity systems, as well as thousands of on-premises, cloud and mobile applications, and runs on a secure, reliable and extensively audited cloud-based platform.

Connect Okta with Devo SOAR

  1. Navigate to Automations > Integrations.

  2. Search for Okta.

  3. Click Details, then the + icon. Enter the required information in the following fields.

  4. Label: Enter a connection name.

  5. Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.

  6. Verify SSL: Select option to verify connecting server's SSL certificate (Default is Verify SSL Certificate).

  7. Remote Agent: Run this integration using the Devo SOAR Remote Agent.

  8. URL: URL to your okta instance

  9. API Key: The API key to connect to the Okta.

  10. After you've entered all the details, click Connect.

Actions for Okta

List Users

Lists users in your organization with pagination in most cases. A subset of users can be returned that match a supported filter expression or search criteria.

Input Field

Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection.

Input Name

Description

Required

Input Name

Description

Required

Users Limit

Maximum number of users to fetch (upper bounded by 100,000).

Optional

Filter

Jinja-templated text containing value of filter as described here. Example: lastUpdated gt "2013-06-01T00:00:00.000Z" and (status eq "{{status1}}" or status eq "{{status2}}")

Optional

Include Deprovisioned

Should deprovisioned users be included in the listing (True/False). Default value is False.

Optional

Output

A JSON object containing user details.

``` {json}{ "lastLogin":null, "activated":null, "statusChanged":null, "lastUpdated":"2021-07-07T12:28:17.000Z", "passwordChanged":null, "has_error":false, "id":"00uahr0rjgaMzEj6P357", "profile":{ "email":"QA_1@example.com", "firstName":"QA_1", "lastName":"QA_1", "login":"QA_1@example.com", "mobilePhone":"555-415-1337", "secondEmail":null }, "error":null, "status":"STAGED", "type":{ "id":"oty11af7talMxxxxxxx" }, "credentials":{ "emails":[ { "status":"VERIFIED", "type":"PRIMARY", "value":"QA_1@example.com" } ], "provider":{ "name":"OKTA", "type":"OKTA" } }, "created":"2021-07-07T12:28:17.000Z", "_links":{ "self":{ "href":"https://{{OKTA_URL}}/api/v1/users/vgkytv0rjgaMzExxxxx" } } }

## Lookup User Get user's identity and access details. ### Input Field Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection. | Input Name | Description | Required | | :------------------------ | :------------------------------------------------------- | :------- | | User Login ID Column Name | Column name from parent table having okta user login id. | Required | ## Suspend User Suspend a User. ### Input Field Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection. | Input Name | Description | Required | | :------------------------ | :------------------------------------------------------- | :------- | | User Login ID Column Name | Column name from parent table having okta user login id. | Required | ## Deactivate User Deactivate a User. ### Input Field Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection. | Input Name | Description | Required | | :------------------------ | :------------------------------------------------------- | :------- | | User Login ID Column Name | Column name from parent table having okta user login id. | Require | ## Expire Password Expires password for a User. ### Input Field Choose a connection that you have previously created and then fill in the necessary information in the following input fields to complete the connection. | Input Name | Description | Required | | :------------------------------------------------ | :------------------------------------------------------------------- | :------- | | User Login ID Column Name | Column name from parent table having okta user login id. | Required | | Sets the user's password to a temporary password. | Select if you want to set a temporary password. (Default is `False`) | No | ### Output A JSON object containing Temporary password if `True` is set in the input. ``` {json}{ "has_error":false, "tempPassword":"ke2g5JQj", "error":null }

Or else a JSON object containing details of user

{json}{ "lastLogin":"2023-12-18T13:05:24.000Z", "activated":"2023-01-09T09:09:36.000Z", "statusChanged":"2023-12-19T08:30:54.000Z", "lastUpdated":"2023-12-19T08:30:54.000Z", "passwordChanged":"2023-12-19T08:30:54.000Z", "has_error":false, "id":"{id}", "profile":{ "mobilePhone":null, "firstName":"TEST", "lastName":"TEST", "secondEmail":null, "login":"TEST@gmail.com", "email":"TEST@gmail.com" }, "error":null, "status":"PASSWORD_EXPIRED", "type":{ "id":"{id}" }, "credentials":{ "provider":{ "type":"OKTA", "name":"OKTA" }, "password":{}, "emails":[ { "status":"VERIFIED", "type":"PRIMARY", "value":"TEST@gmail.com" }], "recovery_question":{ "question":"What is the food you least liked as a child?" } }, "created": "2023-01-09T09:09:35.000Z", "_links":{ "schema":{ "href":"https://dev-513990.okta.com/api/v1/meta/schemas/user/osc11af7talMCtvDM357" }, "suspend":{ "href":"https://dev-513990.okta.com/api/v1/users/{id}/lifecycle/suspend", "method":"POST" }, "forgotPassword":{ "href":"https://dev-513990.okta.com/api/v1/users/{id}/credentials/forgot_password", "method":"POST" }, "self":{ "href":"https://dev-513990.okta.com/api/v1/users/{id}" }, "expirePassword":{ "href":"https://dev-513990.okta.com/api/v1/users/{id}/lifecycle/expire_password", "method":"POST" }, "deactivate":{ "href":"https://dev-513990.okta.com/api/v1/users/{id}/lifecycle/deactivate", "method":"POST" }, "deactivate":{ "href":"https://dev-513990.okta.com/api/v1/users/{id}/lifecycle/deactivate", "method":"POST" }, "changePassword":{ "href":"https://dev-513990.okta.com/api/v1/users/{id}/credentials/change_password", "method":"POST" }, "changeRecoveryQuestion":{ "href":"https://dev-513990.okta.com/api/v1/users/{id}/credentials/change_recovery_question", "method":"POST" }, "type":{ "href":"https://dev-513990.okta.com/api/v1/meta/types/user/{id}" }, "resetPassword":{ "href":"https://dev-513990.okta.com/api/v1/users/{id}/lifecycle/reset_password", "method":"POST" } } }

Release Notes

  • v2.1.1 - New action Expire Password

  • v2.0.0 - Updated architecture to support IO via filesystem

  • v1.1.4 - Added documentation link in the automation library.