Configure Single Sign-On for Okta

If Okta is your org's Identity Provider, you can configure Single Sign-On (SSO) access to Identity Security Posture Management (ISPM) using the Okta ISPM - SSO OIDC app.

Before you begin

Ensure that you're signed in to Okta as a super admin, app admin, or a custom admin role with app management permissions.

Obtain Okta SSO configuration information

  1. In the Identity Security Posture Management console, go to SettingsUser management.

  2. Select Configure Okta SSO.

  3. Copy and store the values for the following fields. You need these later.

    • ISPM Subdomain

    • Connection Name

    • Cell Identify

Add the Okta ISPM SSO app

  1. Add the app from the Okta Integration Network page or do the following steps:

    1. In the Admin Console, go to ApplicationsApplications.

    2. Click Browse App Catalog.

    3. Search and select the Okta ISPM - SSO OIDC app.

      Make sure that you select Okta ISPM - SSO OIDC app and not Okta ISPM - Data integration API app.

  2. Click + Add integration.

  3. On the General Settings tab, enter the values that you copied from the ISPM console:

    • ISPM Subdomain

    • Connection Name

    • Cell Identify

  4. Click Done.

  5. From the Authentication tab, copy the client ID and secret and store the information safely.

  6. On the Assignments tab, click Assign and follow the prompts on the UI to assign this app to users. Okta recommends that you assign the app using group assignment instead of individual assignment.

Share the parameters with ISPM

  1. In the Identity Security Posture Management console, go to SettingsUser management.

  2. Select Configure Okta SSO.

  3. Enter the following information:

    • Okta domain URL: Enter your org's Okta domain URL.

    • Client ID: Enter the Client ID you copied earlier.

    • Client secret: Enter the Client secret you copied earlier

  4. Click Submit.