Okta

ClearFeed’s Okta integration enables IT teams to manage user identities and access controls—such as resetting passwords or managing group memberships—directly from Slack.

Supported Features

With the Okta integration enabled, your IT team can use AI Agents to auto-respond to identity-related queries or Trigger Okta actions like:

• Reset user passwords

• Unlock locked user accounts

• Suspend, unsuspend, deactivate, or reactivate users

• View apps assigned to a user

• Add or remove users from Okta groups

Integrate Okta

To connect Okta with ClearFeed, follow the below steps:

• Sign in to your Okta organization as a user with administrative privileges.

• In the Admin Console, go to Applications > Applications, and then click Create App Integration. The Create a new app integration page appears.

  
• Select API Services as the Sign-in method, and then click Next.

  
• Enter a name for your app integration and click Save. The app's main page appears.

  
• In the service app that you created, select Admin Roles and click on Edit Assignments.

  
• It is recommended to create a new custom role with permissions to manage users, groups, applications, and Identity Access Management. The specific permissions you assign should depend on how you intend to use Okta with ClearFeed. Alternatively, you can use an existing role such as the Organization Administrator role if it already provides the necessary permissions. Once the role is created or selected, assign it to the service app and click Save Changes when you finish. You may be prompted to authenticate.

  
• Go to the Okta API Scopes tab, and grant all the following scopes:

  Copy

  okta.users.read
  okta.users.manage
  okta.groups.read
  okta.groups.manage
  okta.apps.read
  okta.apps.manage

  
• Head over to the General Settings section and click on the Edit button. Deselect the Require Demonstrating Proof of Possession (DPoP) header in token requests checkbox and click on the Save button to save your configurations.

• In the Client Credentials section of the General tab, click Edit to change the client authentication method.

  
• Select Public key/Private key as the Client authentication method. Then click Add Key > Generate New Key.

  
• Copy the PEM Private Key from here. Click Done. Click Save to save changes.

  Security Warning: Treat the PEM Private Key as a password. Store it in a secure location immediately. This key is not stored in Okta and cannot be retrieved again after you close this window. If you lose the key, you will need to generate a new one.

  
• This Private Key, along with Client ID and Key ID (KID) from the General Tab, should be entered on the Connection to Okta in ClearFeed.

Using the Integration

Once the integration is set up, you can configure AI Agents in ClearFeed to handle Okta-related actions:

1. Set Up Your Okta AI Agent - Follow this guide to Create a new Agent.

   Make sure to add Okta as an Integration and define which specific actions can the AI Agent take in Okta on its own. Write your own prompt or customize the default one and test before rolling out

2. Manage Requests in Slack: Once deployed, ClearFeed offers below modes to manage Okta requests:

   1. Agent Assistant in Triage Threads - In triage channels, use ClearBot Assist to tag @clearfeed to perform actions like:

      1. reset password for @john.doe

      2. unlock account for @user.name

      3. add @user.name to Zoom group

   2. Virtual Assistant - Let the AI Agent deflect common IT queries posted in your internal Slack channels. When a user asks a question, like “How do I reset my password?” or “I can’t log in”, the Virtual Agent responds instantly, pulling help documentation and inform Requestor.

   3. Automate Okta Actions - Use ClearFeed Automations to:

      1. Trigger actions based on form inputs

      2. React to emoji triggers (e.g., 🔒 = suspend user)

Example Use Cases