Okta Integration for SaaS Discovery

Set up an integration with Okta to streamline the discovery of your SaaS applications.

Overview

Okta provides cloud software that helps companies manage and secure user authentication into applications, and for developers to build identity controls into applications, website web services, and devices.

Okta is a valuable source for discovery as it provides not only the ability to discover services and users but also to discover employee and department data.

👍

Tip

If you plan to manually review every link for discovered applications, before configuring the integration, deactivate automatic linking in the discovery inbox settings. For details, see Automatic Linking.

Integration details

Integration CategoriesAuthentication MechanismAPI Endpoints Used
Single Sign-On Systems (SSO)API - OAuthFor API authentication: /oauth2/v1/token

For SaaS discovery: /api/v1/apps

Implementation Details

SAP LeanIX uses the Okta SDK for Go version 2 to interact with Okta's Core API. This SDK allows us to manage various Okta resources, such as users, groups, and applications. To learn more about Okta SDK, see Okta SDK Golang.

API reference: The SDK leverages endpoints provided by Okta's Core API. You can find detailed information about these endpoints, including request and response formats, in their documentation Okta Core API.

Rate limits: To ensure smooth operation and avoid disruptions, be mindful of the rate limits imposed by Okta's API. The specific rate limits for different operations are detailed in their documentation Okta API Rate Limits.

Listing Applications: A common use case is listing all applications within an Okta organization. You can find the relevant endpoint for this operation in their documentation Applications API.

To cross-check the discovered services, go to the Okta Administrator console and select Applications under the Applications section on the left-side pane.

Discovery Capabilities

Available capabilitiesEntity descriptionOkta resource
SaaS DiscoverySaaS discovery is the process of automatically identifying applications.Apps

Set up Okta

To integrate Okta as a discovery integration you need to enable SAP LeanIX API service integration in the Okta admin panel.

To do so follow these steps:

  1. Open Okta admin panel and go to Applications > API Service Integrations and click Add Integration
  2. Select LeanIX - SaaS Discovery application, which requires the following scope:
  • okta.app.read

  1. Select the application, and click Next at the bottom of the page.

  2. Okta automatically selects and presents the required permission. You can review them and click on Install & Authorize.

  3. Copy the Client Secret and click Done.

  4. Copy Okta Domain and Client ID.

Pass configuration values to the SAP LeanIX app

  1. Proceed to SAP LeanIX and input the credentials you have generated on the Okta Admin Portal.

  2. Click Finish and wait for the connection to be established.