Page cover

Okta

This section covers ClearFeed <> Okta Integration

ClearFeed integrates with Okta to enable secure and automated user management. Follow the steps below to set up the integration.

Integrate Okta

  1. Sign in to your Okta organization as a user with administrative privileges.

  2. In the Admin Console, go to Applications > Applications, and then click Create App Integration. The Create a new app integration page appears.

  3. Select API Services as the Sign-in method, and then click Next.

  4. Enter a name for your app integration and click Save. The app's main page appears.

  5. In the service app that you created, select Admin Roles and click on Edit Assignments.

  6. It is recommended to create a new custom role with permissions to manage users, groups, applications, and Identity Access Management. The specific permissions you assign should depend on how you intend to use Okta with ClearFeed. Alternatively, you can use an existing role such as the Organization Administrator role if it already provides the necessary permissions. Once the role is created or selected, assign it to the service app and click Save Changes when you finish. You may be prompted to authenticate.

  7. Go to the Okta API Scopes tab, and grant all the following scopes:

    okta.users.read
    okta.users.manage
    okta.groups.read
    okta.groups.manage
    okta.apps.read
    okta.apps.manage
  8. Head over to the General Settings section and click on the Edit button. Deselect the Require Demonstrating Proof of Possession (DPoP) header in token requests checkbox and click on the Save button to save your configurations.

  9. In the Client Credentials section of the General tab, click Edit to change the client authentication method.

  10. Select Public key/Private key as the Client authentication method. Then click Add Key > Generate New Key.

  11. Copy the PEM Private Key from here. Click Done. Click Save to save changes.

    Security Warning: Treat the PEM Private Key as a password. Store it in a secure location immediately. This key is not stored in Okta and cannot be retrieved again after you close this window. If you lose the key, you will need to generate a new one.

  12. This Private Key, along with Client ID and Key ID (KID) from the General Tab, should be entered on the Connection to Okta in ClearFeed.

Last updated

Was this helpful?