# Okta

Okta is an identity and access management (IAM) platform that authenticates workforce and customer users across web, mobile, and on-premises applications, defending against credential theft, account takeover, and unauthorized access. Connecting Okta forwards System Log records to Radiant Security via the Okta API, and enables identity response actions through the same connection. Radiant uses Okta authentication and admin telemetry to surface anomalous logins, MFA failures, and privilege changes, giving analysts the identity context needed to triage account-compromise alerts.

At the end of this configuration, you provide Radiant Security with the following values:

* **Okta domain**, in the form `https://my-org.okta.com`
* **API token**

### Prerequisites

* [ ] Okta Super Admin service account
* [ ] Administrator role in Radiant Security

{% hint style="info" %}
The token is used for both data ingestion and Okta response actions. Response actions require write scopes on users, sessions, and network zones, so generate the token from a Super Admin service account. A [read-only admin](https://help.okta.com/en/prod/Content/Topics/Security/administrators-read-only-admin.htm) is sufficient only if you do not plan to enable response actions.
{% endhint %}

{% hint style="warning" %}
API tokens are valid only while the user who created them remains active. Tokens issued by deactivated users are rejected. Use a service account that will not be deactivated and whose permissions will not change. See [Okta's API token management guidance](https://help.okta.com/oie/en-us/Content/Topics/Security/API.htm) for details.
{% endhint %}

### Generate the API token in Okta

{% stepper %}
{% step %}

#### **Open the Okta Admin Console**

Sign in to Okta as the administrator account you intend to use for the token. In the upper right corner, click **Admin** to open the Admin Console.

<div align="left"><figure><img src="/files/jKJJQuVMAVggthDXIf7g" alt="" width="299"><figcaption></figcaption></figure></div>
{% endstep %}

{% step %}

#### **Navigate to the API tokens page**

In the left sidebar, navigate to **Security > API**.

![](/files/vuUbzRj9OXqmy0M0CQ7W)
{% endstep %}

{% step %}

#### **Create the token**

Click **Create Token**. Enter an identifiable name (e.g., `Radiant Security API Token`) and click **Create Token** again.

&#x20;![](/files/sC7TgxuExTg2Q86iPBIR)
{% endstep %}

{% step %}

#### **Copy the token value**

Copy the **Token value** shown in the pop-up and store it securely.

<div align="left"><figure><img src="/files/Q93xdv16bngr9KPFcg19" alt="" width="239"><figcaption></figcaption></figure></div>

{% hint style="warning" %}
The token value is shown only once and cannot be retrieved later. If it is lost, you must generate a new token.
{% endhint %}
{% endstep %}
{% endstepper %}

### Add the credential in Radiant Security

1. Sign in to [Radiant Security](https://app.radiantsecurity.ai/).
2. From the navigation menu, select **Settings** > **Credentials** and click **+ Add Credential**.
3. Search for and select **Okta**, then click **Configure Credential**.
4. Under **Credential Name**, enter a descriptive name (e.g., `Okta-Credentials`).
5. Under **Required Credentials**, enter the values from Okta:
   * **Okta domain**, in the form `https://my-org.okta.com`
   * **API token**
6. Click **Add Credential** to save the configuration.

### Add the data connector in Radiant Security

1. From the navigation menu, select **Settings** > **Data Connectors** and click **+ Add Connector**.
2. Search for and select **Okta**, then click **Data Feeds**.
3. Under **Select your data feeds**, select **Okta Alerts & Activity Logs** and click **Credentials**.
4. From the drop-down, select the Okta credential you created.
5. Click **Add Connector** to save the configuration.

### Add the action connector in Radiant Security

The Okta action connector lets Radiant execute identity response actions against the same Okta tenant, including user account lockdown, session termination, and IP blocking through Okta Network Zones. For the full list of supported actions and the Okta scopes each one requires, see [Okta actions](https://help.radiantsecurity.ai/radiant-cases/radiant-cases/response-actions#okta-actions).

1. From the navigation menu, select **Settings** > **Action Connectors** and click **+ Add Connector**.
2. Search for and select **Okta**.
3. Confirm that the Okta credential is selected.
4. Click **Add Connector**.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://help.radiantsecurity.ai/radiant-connectors/data-connectors/okta.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.