Skip to content
Find out how we support MDR.

Page permalink

Always use the following permalink when referencing this page. It will remain unchanged in future help versions.

https://docs.sophos.com/central/customer/help/en-us/index.html?contextId=Okta

Okta

API

You must have the "Identity" integrations license pack to use this feature.

You can integrate Okta with Sophos Central so that it sends authentication and authorization data to Sophos for analysis.

This integration is API-based.

The key steps are as follows:

  • Get details of your Okta service.
  • Generate an API token in Okta.
  • Add an integration in Sophos Central.

Get details of Okta service

You'll need the following details:

  • The Base URL for your service. This is in the following form: https://${yourOktaOrg}.
  • An API token.

Find your base URL

To find your Okta URL, also called an Okta domain, do as follows:

  1. Sign in to the Okta administrator console for your Okta organization.

  2. Look for the Okta domain in the global header, in the upper-right corner of the dashboard.

    Example Okta domains are as follows:

    • example.oktapreview.com
    • example.okta.com
    • example.okta-emea.com

  3. Copy the URL to use later in Sophos Central.

Generate an API token

To integrate Okta you'll need an API token. This is also sometimes called a key or secret.

To generate the API token, do as follows:

  1. Sign in to Okta as an administrator with the same rights that are needed to perform the API's actions.

    The API token inherits its user role and permissions from the signed-in administrator.

  2. In the Okta administrator console, go to Security > API.

  3. Click Create Token.

  4. Enter a name for your token.

    Copy the token value immediately. You can't retrieve it.

Add an integration

To integrate Okta with Sophos Central, do as follows:

  1. In Sophos Central, go to Threat Analysis Center and click Integrations.

  2. Click Okta.

    If you've already set up integrations of this type, you see them here.

  3. Click Add.

    Note

    If this is the first integration you've added, we'll ask for details about your internal domains and IPs. See My domains and IPs.

  4. In Integration steps, you configure an API to collect data from Okta. To do this, do as follows:

    1. Enter a name and a description for the integration.
    2. Enter the Base URL and API token.

  5. Click Save.

We create the integration and it appears in your list.

If your integration shows as Connected, your data should appear in the Sophos Data Lake after validation.

More information

For more information about finding your domain, we recommend your read the Okta documentation. See Find your Okta domain.