# Okta In this guide, you will create an API token in Okta to pull application activity telemetry and enable one-click containment and remediation tasks. This telemetry identifies impacted users with login activity from abnormal client environments such as OS, browser, geolocation, and more. At the end of this configuration, you will provide Radiant Security with these values: * **Okta domain** (the URL of your Okta domain) {% hint style="info" %} **Note:** The Okta domain should be provided in the following form: `https://my-org.okta.com.` {% endhint %} * **API Token** ### Prerequisites To create an API token with permissions to query Okta System Logs, you need to be logged in as an administrator user that has at least [read-only permissions.](https://help.okta.com/en/prod/Content/Topics/Security/administrators-read-only-admin.htm) {% hint style="warning" %} **Important Note:** Tokens are valid only if the user who created them is active. Tokens issued by deactivated users are rejected. To avoid service interruptions, Okta recommends generating API tokens using a service account that won’t be deactivated and with Super Admin permissions that won’t change. Please refer to [Okta documentation](https://help.okta.com/oie/en-us/Content/Topics/Security/API.htm) for information on token management. {% endhint %} ### Generate the API token 1. Log in as an Okta administrator. 2. From the upper right corner, click the **Admin** button to open the Okta Admin Console. ![](https://2439665791-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FPsFulb2ZOtSPcRSc2rXE%2Fuploads%2FrRZB5tM7mkitxbzXAyRq%2FOkta_01.webp?alt=media\&token=2ca67b3f-2a5d-4cc3-b986-bc20f9221d27) 3. From the left side menu, navigate to **Security > API.** ![](https://2439665791-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FPsFulb2ZOtSPcRSc2rXE%2Fuploads%2FWCSVtVnElPgK0ZVs4byA%2FOkta_02.webp?alt=media\&token=0f6458f4-2340-4da4-b71e-04a55a3b076e) 4. Click **Create Token.** ![](https://2439665791-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FPsFulb2ZOtSPcRSc2rXE%2Fuploads%2F7B95WdGmjiie8i4JZNC1%2FOkta_03.webp?alt=media\&token=3c0f5f13-1889-4397-94a7-6e959bfa3ae8) 5. Enter a name for your token such as **`Radiant Security API Token`** and click **Create Token.** 6. Copy the **Token value** in the pop-up screen.
{% hint style="info" %} **Note**: Be sure to copy and store the API token value carefully, as it cannot be retrieved later and can present a security risk if used in an unauthorized fashion. {% endhint %} ### Add the credentials in Radiant Security 1. Log in to [Radiant Security](https://app.radiantsecurity.ai/). 2. From the navigation menu, select **Settings** > **Credentials** and click **+ Add Credential**. 3. Select the correct vendor from the list and click **Configure Credential.** 4. Give the credential an identifiable name (e.g. `Okta Credentials`) and add the required fields. 5. Click **Add Credential** to save the changes. ### Add the data connector in Radiant Security 1. From the navigation menu, select **Settings** > **Data Connectors** and click **+ Add Connector**. 2. Select the correct vendor from the list and click **Data Feeds**. 3. Select the applicable data feed and click **Credentials**. 4. From the drop-down, select the credential, or click **+ Add New Credential** if it doesn’t already exist. 5. Click **Add Connector** to finish creating the new data connector. ### Add the action connector in Radiant Security 1. From the navigation menu, select **Settings** > **Action Connectors** and click **+ Add Connector**. 2. Select the correct vendor from the list.
3. Confirm that the selected credentials are correct. 4. Click **Add Connector**.