Add database integration

Early Access release

To start managing access to user accounts on your database instance, you must create a separate integration for each instance.

Before you begin

  • You have a resource admin role.

  • You've reviewed and completed the Database integration prerequisites.

  • You know the host and port to connect to the database instance.

  • You have a dedicated user on the database instance with the necessary privileges to manage the integration.

Add database integration

  1. Go to Resource Administration > Integrations.

  2. From the Resource type dropdown list, select Databases.

  3. Click Add Integration.

  4. Select the database type.

  5. Complete the following database integration details:

    1. Enter an Integration name. This is the alias for this database instance.

    2. Optional. Add a Description.

    3. Select an Orchestration group.

    4. Enter the Hostname and Port. The values for the hostname and port are used for the gateway to access the target database instance.

  6. Under Integration user, enter the username and password.

  7. Click Test and Save integration.

If the test fails, examine the specific error code returned in the UI. Most failures result from network/firewall restrictions (the Orchestrator cannot see the database) or insufficient permissions for the integration user. Always ensure your integration user has the minimum required permissions.

Add account rules

Account rules allow you to choose which user accounts in the integrated database instance become managed resources in Okta Privileged Access.

  1. Enter rule name

  2. Select the Operator and enter a Value.

  3. Optional. Click Add a condition to onboard another database account.

  4. Assign the database accounts to a resource group and a project.

  5. Click Save rule.

  6. Go back to the Accounts tab. You see your accounts after the sync is complete. The sync to discover new accounts automatically runs every twenty four hours. You can also manually trigger discovery of new accounts by using the Sync now feature.

Activate Sync now

Use this feature to manually trigger discovery of new database accounts.

  1. Go to Resource Administration > Integrations.

  2. Click the Resource type dropdown menu, and then select Databases.

  3. Click the Actions menu on the database account you want to activate Sync now.

  4. Click Sync now. This will immediately trigger the discovery of new database accounts.

Next step

Security policy