Okta integration
Okta is supported through the Mach5 connector framework. This page lists every supported operation and where it can be used.
Connection
- Connector kind:
okta - Configuration:
name,base_url,token_secret_ref, optionaldefault_page_size, optionalinitial_lookback_seconds.
How to use this integration
For Axon concepts, safety classes, idempotency, and outcomes, see Axon workflows.
Axon
Axon is the controlled action path for connector reads, enrichments, and side effects. Use Axon when a workflow needs to call Okta directly, enrich an investigation, or take an approved action. Invoke the connector kind okta with the operation name and JSON input.
connector: okta
operation: validate
input: { ... }
Ingest Pipelines
Use ingest pipelines for operations exposed as sources. These operations can checkpoint and stream records into Mach5-managed data.
source.connector: okta
source.operation: poll_system_log_page
source.config: { ... }
SQL
Use SQL for read operations exposed as table or scalar functions. Query the connector operation with JSON input and join the result with Mach5 data.
SELECT *
FROM connector_table('okta', 'poll_system_log_page', JSON '{}');
Supported operations
| Operation | What it does | Axon | Ingest Pipelines | SQL |
|---|---|---|---|---|
validate | Validate Okta credentials and base URL. | Yes | — | — |
poll_system_log_page | Fetch a page of Okta System Log events from a caller-owned cursor. | Yes | Yes | Yes |
bounded_system_log_range | Fetch Okta System Log events for a bounded time range. | Yes | — | Yes |
lookup_user | Lookup an Okta user by ID or login. | Yes | — | Yes |
list_users | List Okta users with bounded pagination. | Yes | — | Yes |
org_identity | Fetch Okta org metadata. | Yes | — | Yes |
search_users | Search Okta users with bounded pagination. | Yes | — | Yes |
create_user | Create an Okta user. | Yes | — | — |
update_user | Update an Okta user profile/credentials. | Yes | — | — |
deactivate_user | Deactivate an Okta user. | Yes | — | — |
reactivate_user | Reactivate an Okta user. | Yes | — | — |
delete_user | Delete an Okta user. | Yes | — | — |
user_lifecycle_action | Run an Okta user lifecycle action. | Yes | — | — |
lookup_group | Fetch an Okta group. | Yes | — | Yes |
list_groups | List Okta groups. | Yes | — | Yes |
search_groups | Search Okta groups. | Yes | — | Yes |
create_group | Create an Okta group. | Yes | — | — |
update_group | Update an Okta group. | Yes | — | — |
delete_group | Delete an Okta group. | Yes | — | — |
add_group_member | Add a user to an Okta group. | Yes | — | — |
remove_group_member | Remove a user from an Okta group. | Yes | — | — |
lookup_application | Fetch an Okta application. | Yes | — | Yes |
list_applications | List Okta applications. | Yes | — | Yes |
list_application_users | List assigned users for an Okta application. | Yes | — | Yes |
assign_application_user | Assign a user to an Okta application. | Yes | — | — |
unassign_application_user | Unassign a user from an Okta application. | Yes | — | — |
assign_application_group | Assign a group to an Okta application. | Yes | — | — |
unassign_application_group | Unassign a group from an Okta application. | Yes | — | — |
list_factors | List Okta user factors. | Yes | — | Yes |
reset_factor | Reset an Okta user factor. | Yes | — | — |
list_authenticators | List Okta authenticators. | Yes | — | Yes |
lookup_device | Fetch an Okta device. | Yes | — | Yes |
list_devices | List Okta devices. | Yes | — | Yes |
list_user_devices | List devices for an Okta user. | Yes | — | Yes |
device_lifecycle_action | Run an Okta device lifecycle action. | Yes | — | — |
lookup_session | Fetch an Okta session. | Yes | — | Yes |
revoke_session | Revoke an Okta session. | Yes | — | — |
list_policies | List Okta policies. | Yes | — | Yes |
get_policy | Fetch an Okta policy. | Yes | — | Yes |
update_policy | Update an Okta policy. | Yes | — | — |
list_zones | List Okta network zones. | Yes | — | Yes |
get_zone | Fetch an Okta network zone. | Yes | — | Yes |
update_zone | Update an Okta network zone. | Yes | — | — |
list_authorization_servers | List Okta authorization servers. | Yes | — | Yes |
list_oauth_clients | List OAuth/OIDC clients. | Yes | — | Yes |
list_scopes | List authorization server scopes. | Yes | — | Yes |
list_claims | List authorization server claims. | Yes | — | Yes |
list_roles | List Okta roles. | Yes | — | Yes |
get_role | Fetch an Okta role. | Yes | — | Yes |
assign_role | Assign an Okta role. | Yes | — | — |
revoke_role | Revoke an Okta role. | Yes | — | — |
inventory_export | Bounded Okta inventory export helper. | Yes | — | Yes |