Opal + Okta

Product Overview

Okta connects any person with any application on any device.

It's an enterprise-grade, identity management service, built for the cloud, but compatible with many on-premises applications. With Okta, IT can manage any employee's access to any application or device. Okta runs in the cloud, on a secure, reliable, extensively audited platform, which integrates deeply with on-premises applications, directories, and identity management systems.

Integration Overview

Opal natively integrates with Okta, which enables employees to request for Apps, Roles, and Groups. In addition, Opal syncs with Okta as a source of truth for identity - importing users, organizational attributes, and their group mapping.

Use Cases

Modern Access Management

Using Opal, customers can:

  • Grant just-in-time access to critical resources that are auto-expiring and fully audited
  • Enable resource owners with the most context to approve access requests and provision access automatically via Slack
  • Ensure that privileged resources have the appropriate identity governance and approval configurations, such as multi-stage approvals, max duration, custom fields, and more
  • Automate user access reviews so compliance teams can snapshot user listings, assign reviewers to self-service reviews, propagate access changes, and generate an auditor-friendly access report
  • Automatically escalate privileges (and revoke access) when developers are on-call via integrations with PagerDuty and Opsgenie


Integration Setup

Once Okta is set up as an App, admins can easily use the same API credentials to import user attributes from Okta as the identity provider.

1. In the Apps sidebar, click on "New App", and select Okta

2. Create your API token and upload account credentials

3. Once the Okta app is set up, admins can navigate to Settings and set up your Identity Provider to easily sync users and attributes. Note: Opal will re-use the same API token


Integrate