Most secure integration method with manual configuration

The Private Key integration method provides the highest level of security for connecting Ravenna to your Okta organization. This method requires manual configuration in Okta but offers enhanced security through public/private key cryptography.

This integration method requires manual setup and cannot be configured through the Okta Integration Network marketplace.

Setup Guide

Create Okta API Service Integration Manually

These steps must be performed by an Okta user with permissions to create Application Integrations
1

Create App Integration

Login to Okta and navigate to “Applications”, then select “Create App Integration”

2

Select Integration Type

Choose “API Services” as the integration type

3

Name the App Integration

Provide a name for your integration (e.g., “Ravenna API Integration”) and click Save

4

Configure Private Key Authentication

Configure the authentication method:

  1. Select “Private Key/Public Key” as the Client Authentication Method
  2. Click “Add Key” to generate a key pair
  3. Copy the Client ID for later use
5

Generate PEM Key Pair

Generate a new PEM key pair for the integration

6

Save Private Key and KID

Important: Copy and securely store both:

  • The Private PEM Key
  • The KID (Key Identifier)

You will need both values to configure Ravenna

7

Disable DPoP Requirement

Uncheck the “Require DPoP” option to ensure compatibility

8

Grant Required Scopes

Add the following Okta API scopes to the integration:

  • okta.users.read
  • okta.groups.read
  • okta.groups.manage
  • okta.apps.read
  • okta.apps.manage
9

Assign Admin Roles

Grant the following admin role to the integration:

  • Application Administrator

Add Integration to Ravenna

These steps must be performed by a Ravenna Organization Admin
1

Navigate to Ravenna Integrations

Login to Ravenna and go to “Settings” then select “Integrations”

2

Select Okta Integration

Choose “Okta” from the available integrations

3

Choose Private Key Method

Select “Private Key” as your authentication method

4

Enter Integration Details

Provide the following information from your Okta setup:

  1. Okta Domain: Your Okta domain (e.g., https://your-org.okta.com)
  2. Client ID: The Client ID from your Okta integration
  3. Private Key PEM: The Private Key PEM you saved earlier
  4. KID: The Key Identifier (KID) you saved earlier
5

Complete Setup

Click “Add Okta” to complete the integration setup

Security Benefits

The Private Key integration method provides enhanced security through:

  • Public Key Cryptography: Uses asymmetric encryption instead of shared secrets
  • Key Rotation: Keys can be rotated without service interruption
  • Reduced Attack Surface: No client secrets stored in multiple locations
  • Audit Trail: Enhanced logging and monitoring capabilities

Next Steps

Once your Okta integration is connected, Ravenna will automatically:

  • Import your Okta applications
  • Sync user and group information
  • Enable access request workflows through Okta groups

You can view and manage your imported applications in the Ravenna Organization Settings.