Integrate with Okta Wokforce Identity
In this topic, you will learn how to integrate Portnox™ Cloud with Okta Workforce Identity Cloud.
-
In the Cloud portal top menu, click on the Settings option.
-
In the Cloud portal left-hand side menu, click on the
option.
-
Under the Okta Universal Directory heading and description, click on the
Edit link.
-
Click on the Disabled/Enabled switch to put it in the Enabled
position.
-
In the Integration mode field, select the REST API option.
This option is selected by default.
Important: In this topic, you will integrate Portnox Cloud with Okta using the Okta REST API. If you would rather integrate using LDAP, go to the following topic: Integrate with Okta Workforce Identity using LDAP -
In the Okta domain field, enter your Okta organization domain.
For example, vorlon.okta.com
-
Create an Okta API token to integrate with Portnox Cloud.
-
If you want to allow life cycle synchronization, click on the Allow lifecycle synchronization
checkbox to activate it.
Life cycle synchronization means that Portnox Cloud will react to changes in the directory. For example, if this setting is on, and if you disable or delete an Okta user, all the devices associated with this user will be unregistered from Cloud. If this setting is off, you will have to unregister devices manually or wait until the retention period expires. By default, life cycle synchronization is on.
-
Add all domains that you want users to authenticate with. Repeat the following steps for all relevant domains:
You can use all domains in your Okta directory or only selected domains.
- Click on the Add domain name link next to the Domain names heading.
- In the text field that appears in place of the link, enter the domain name used by your Okta users and click on the Add button.
-
If you want users to use Okta SSO when logging in to Portnox Cloud, select the Enable SSO for CLEAR
admins checkbox.
To enable SSO for Portnox Cloud admins, you need to add an application to your Okta directory.
-
If you want to onboard users and devices onto your network using Okta SSO, click on the Enable user and
device onboarding.
To enable Portnox Cloud onboarding through Okta SSO, you need to add an application to your Okta directory.
- Click on the Save button to save your Okta integration configuration.
-
Under the OKTA UNIVERSAL DIRECTORY section, click on the Force sync
link.
Portnox Cloud will start synchronizing immediately in the background with your Okta directory. If you do not click Force sync, the synchronization process will be started automatically later.
Note: If your Okta directory is very large, this process can take up to approximately an hour.
Result: Your Okta Workforce Identity Cloud integration is now active. You can authenticate devices on your network using the Okta directory.