Setup
Connecting your Okta Organization to Ravenna through an Okta OAuth Integration allows Ravenna to help aid in application access requests using Okta groups.
Once Ravenna is connected to your Okta Organization, Ravenna will automatically import your Okta Applications and allow you to view them within the Ravenna Organization Settings and select application approvers.
Okta Integration Overview
In order to Integrate Ravenna with your Okta Organization we leverage the Okta API Service Integration which leverages OAuth 2.0 API Access to Okta.
Different Integration Methods
There are two ways to setup a Ravenna Okta Integration.
-
Okta API Integration Store
- Easy setup less secure than Private Key
-
Okta Manual API Integration through Private Key
- Most secure way needs to currently be manually configurated (Limitation from okta)
Setup Guide
Install Ravenna Okta API Integration
You can add Ravenna to your Okta Organization from the API Integration service list
Create Okta API Service Integration Manually
These Steps within Okta need to done by a Okta User that has access to create a Application Integration
Create App Integration
Login to Okta and go to “Applications” and select “Create App Integration”
Select Integration Type
Select the Integration type to be “API Services”
Name the App Integration
Name the Integration and click Save
Add Private Key Authentication
Select the “Private Key Authentication” option, copy the Client ID. 1. Select “Private Key/Public Key” as the Client Authentication Method 2. Select “Add Key”
Generate PEM Key
Add Public PEM Key and Copy
Copy the Private PEM Key and the KID (Save this for later)
Do not Require DPoP
Uncheck the “Require DPoP” option
Add Scopes
Add the following Okta API scopes to the Integration -
okta.users.read
-okta.groups.read
-okta.groups.manage
-okta.apps.read
- ‘okta.apps.manage’
Add Admin Roles
Add the following Admin Roles to the Integration -
Application Administrator
Add Okta Integration to Ravenna
These steps need to be done by a Ravenna Organization Admin
Connect Okta Integration
Login to Ravenna and go to “Settings” and select “Integrations”
Select Okta Integration Type
Select the “Okta” Integration type” (Client Secret or Private Key)
Connect Okta - Client Secret
After hitting the “Client Secret” button, you will be prompted to enter the following information:
- Okta Domain: The Okta domain for your organization (e.g.
https://your-org.okta.com
) - Client ID: The Client ID for the Okta Integration
- Client Secret: The Client Secret for the Okta Integration
- Click “Add Okta”
Connect Okta - Private Key
After hitting the “Private Key” button, you will be prompted to enter the following information:
- Okta Domain: The Okta domain for your organization (e.g.
https://your-org.okta.com
) - Client ID: The Client ID for the Okta Integration
- Private Key PEM: The Private Key PEM that was generated in the previous steps
- KID: The KID that was generated in the previous steps
- Click “Add Okta”