unSkript Documentation
Free SandboxBlogGitHubSlack Community
  • What is unSkript?
  • Guides
    • Contribute to Open Source
    • Getting started
      • Sign Up/Install
      • Authentication
        • Okta configuration
          • Okta Groups Sync
      • Create a Proxy
      • Add Credentials to Connect your Resources
      • Key Terms
  • RunBooks
    • Prebuilt xRunBooks
      • xRunBooks for CloudOps
      • xRunBooks for Cost Optimization
      • xRunBooks for DevOps
      • xRunBooks for IAM
      • xRunBooks for SecOps
      • xRunBooks for SRE
      • xRunBooks for Troubleshooting
    • Creating RunBooks
      • Importing unSkript xRunBooks
      • Create a xRunBook
      • Add an Action
      • Connecting Actions
      • Create a RunBook Input Parameter
      • Create a Credential
      • Writing Notes
      • Running XRunBooks
        • Running RunBooks with Approvals
      • Schedules
      • xRunBook Executions
      • Alarms
        • Create an Alarm Webhook
          • Webhooks for onprem installations
        • Create a Grafana Alert
        • Attaching runbooks to alarms
      • Folders
      • RunBook Outputs
  • Actions
    • What is an Action?
    • Create Custom Actions
    • Create Actions with AI
    • Actions
      • Action Configuration
        • Configure Action Inputs
        • Add Action Inputs
        • Action Output
        • Action Iterator
          • Using Iterators
        • Action Poll
        • Action Start Condition
      • Anatomy of an Action
    • Prebuilt Actions
  • Healthchecks
    • What is a HealthCheck?
    • Create a HealthCheck
      • Create a HealthCheck Folder
      • Adding Checks
    • HealthCheck Parameters
    • Running HealthChecks
    • HealthCheck Remediation
  • Workflows
    • What is a Workflow?
  • Connnecting
    • Connectors
      • Airflow
        • Airflow Actions
      • AWS
        • AWS Actions
          • AWS Cloudwatch Actions
          • AWS EC2 Actions
          • AWS ECS Actions
          • AWS EKS Actions
          • AWS ELB Actions
          • AWS IAM Actions
          • AWS Postgres Actions
          • AWS RDS Actions
          • AWS RedShift Actions
          • AWS S3 Actions
          • AWS VPC Actions
      • Azure
        • Azure Actions
      • ChatGPT
        • ChatGPT Actions
      • Datadog
        • Configuring webhook in Datadog
        • Datadog Actions
          • Datadog Alert Actions
          • Datadog Metrics Actions
          • Datadog Monitor Actions
      • Elasticsearch
        • Elasticsearch Actions
      • GCP
        • GCP Actions
          • GCP Bucket Actions
          • GCP GKE Actions
          • GCP IAM Actions
          • GCP VM Actions
      • Github
        • Github Actions
      • Grafana
        • Grafana Actions
      • Hadoop
        • Hadoop Actions
      • Jenkins
        • Jenkins Actions
      • Jira
        • Jira Actions
      • Kafka
        • Kafka Actions
      • Kubernetes
        • K8s Actions
      • MongoDB
        • MongoDB Actions
      • MS SQL
        • MSSQL Actions
      • MySQL
        • MySQL Actions
      • Netbox
        • Netbox Actions
      • Nomad
        • Nomad Actions
      • OpenSearch
        • opensearch Actions
      • Pingdom
        • Pingdom Actions
      • Postgres
        • Postgres Actions
      • Prometheus
        • Prometheus Actions
      • Redis
        • Redis Actions
      • REST
        • REST Actions
      • SalesForce
        • SalesForce Actions
      • Slack
        • Slack Actions
      • Snowflake
        • Snowflake Actions
      • Splunk
        • Splunk Actions
      • SSH
        • SSH Actions
      • Stripe
        • Stripe Actions
      • Terraform
        • Terraform Actions
      • Zabbix
    • Proxies
      • Environment
        • RunBooks Across Environments: ServiceIDs
      • unSkript Proxy
      • AWS Proxy
      • GCP Proxy
    • Secret store
      • Vault
  • Tooling
    • Role Based Access Control
      • RBAC Roles
    • API reference
      • Authentication
      • Endpoints
        • Executions
        • RunBooks
        • Schedules
    • Command Line Tool
    • Notifications
  • Fundamentals
    • Jupyter Notebook 101
  • Use Cases
    • DevOps
    • SRE
  • Open source
    • Runbooks.sh
    • Contribute to Open Source
  • Lists
    • AWS Service Quota list
Powered by GitBook
On this page

Was this helpful?

  1. Guides
  2. Getting started
  3. Authentication
  4. Okta configuration

Okta Groups Sync

PreviousOkta configurationNextCreate a Proxy

Last updated 2 years ago

Was this helpful?

We support manual Okta groups sync. The superAdmin group member can trigger the group sync by clicking on Sync Okta Groups on the User Groups tab.

Credentials required for group sync

unSkript pulls the Okta groups info by using Okta API Token. We would need the following piece of information to configure API access to Okta

  • Tenant URL - This is the url to your Okta domain, in the form https://acme.okta.com

  • API Token - This should be generated by an Okta user who has Read access right to Applications and Groups Okta API. To generate API token, go to Security->API->Tokens->Create token

  • APP ID - This is the ID of the Okta SAML application which was used during configuration of Okta as IDP for Auth0. On the Okta Admin panel,

    • Go to Applications->Application

    • Click on the Okta SAML application, configured for unSkript.

    • The app ID is present in the url as shown below

  • On unSkript, go to More->Settings->Okta API Access and fill in the info collected above.

  • With the Okta group sync enabled, users CANNOT create groups inside the unSkript app.

  • To trigger the Okta groups sync, go to More->User Management->User Groups and click on Sync Okta Groups. These groups can be assigned unSkript roles as explained hereRole Based Access Control

  • However, users still need to be invited to the unSkript app, by the admin. Go to More->User Management->Invite User. Since the groups are already pulled in from Okta and unSkript has the user->group mapping, user will get the role corresponding to the Okta groups, user is part of.