Okta
Okta Connector Documentation
Overview
The Okta connector enables seamless integration between Leena AI and Okta's cloud-based identity and access management platform. This connector allows you to automate user administration tasks, manage group memberships, and streamline access control workflows directly from your Leena AI workspace.
Prerequisites
Before setting up the Okta connector, ensure you have:
- Administrator access to your Okta organization
- Access to Okta Admin Console
- Ability to create API tokens in Okta
- Access to your Leena AI workspace with connector management permissions
Setup Instructions
Step 1: Create API Token in Okta
-
Log in to your Okta Admin Console as an administrator
-
Navigate to Security in the sidebar
-
Select API from the dropdown menu
-
Click on Tokens
-
Click on Create token
Step 2: Configure Token Settings
Fill in the required details:
| Field | Description | Example |
|---|---|---|
| Name of the token | Enter a descriptive name for your token | "Leena AI Access" |
| IP Address restrictions | Valid IP addresses from where API calls can originate | "Any IP" |
Step 3: Save and Copy Token
-
Click Save to create the token
-
After saving, you'll see the authentication page
-
After successful authentication, copy the token value
Important: Store this token securely as it will only be displayed once.
Step 4: Configure Connector in Leena AI
- Log in to your Leena AI workspace
- Navigate to Settings > Integrations
- Search for "Okta" and select it from the list
- Click to add a new connector
Step 5: Enter Authentication Details
The Okta connector uses API key-based authentication. Provide the following information:
| Parameter | Description | Example |
|---|---|---|
| Base URL | Your Okta organization URL (must start with 'https://') | https://trial-392230-admin.okta.com/ |
| API Key | Token copied in Step 3, prefixed with 'SSWS ' | SSWS 00l2QY_**Lk2-q**Q1Kj__* |
Note: Make sure to append 'SSWS ' (with a space) before your token value.
Supported Actions
User Management
List All Users
Retrieve a list of all users in your Okta organization.
Optional Parameters:
| Parameter | Description | Example |
|---|---|---|
| limit | Maximum number of results to return | 50 |
| filter | Filter expression for results | status eq "ACTIVE" |
| search | Search for users by name or email | john.doe |
| sort | Sort results by specific field | lastName |
| after | Cursor for pagination (next page) | (from previous response) |
Response: Returns all users matching the specified criteria.
Create User
Create a new user in your Okta organization.
Required Parameters:
| Parameter | Description | Example |
|---|---|---|
| firstName | User's first name | John |
| lastName | User's last name | Doe |
| User's email address | [email protected] | |
| login | User's login (usually email) | [email protected] |
Optional Parameters:
| Parameter | Description | Example |
|---|---|---|
| credentials | Password and recovery options | (credentials object) |
| groupIds | Array of group IDs to assign | (array of group IDs) |
Response: Returns the created user object with assigned ID.
Get User Details
Retrieve detailed information for a specific user.
Required Parameters:
| Parameter | Description | Example |
|---|---|---|
| userId | The ID of the user | 00u1234567890abcde |
Optional Parameters:
| Parameter | Description | Example |
|---|---|---|
| Expand | Fetch all user details, not just basic information | True |
Response: Returns complete user profile and status information.
Update User
Update an existing user's information.
Required Parameters:
| Parameter | Description | Example |
|---|---|---|
| userId | The ID of the user | 00u1234567890abcde |
| profile | Updated profile information | (profile object) |
Response: Returns the updated user object.
Activate User
Activate a deactivated user account.
Required Parameters:
| Parameter | Description | Example |
|---|---|---|
| User ID | The ID of the user | 00u1234567890abcde |
Optional Parameters:
| Parameter | Description | Example |
|---|---|---|
| Send email | Send activation email to user | true/false |
Deactivate User
Deactivate a user account as part of the offboarding process.
Required Parameters:
| Parameter | Description | Example |
|---|---|---|
| User ID | The ID of the user | 00u1234567890abcde |
Optional Parameters:
| Parameter | Description | Example |
|---|---|---|
| Send email | Send deactivation email to user | true/false |
Suspend User
Temporarily suspend a user account. Useful for policy adherence, such as handling absconding users.
Required Parameters:
| Parameter | Description | Example |
|---|---|---|
| userId | The ID of the user | 00u1234567890abcde |
Unsuspend User
Restore access for a suspended user account.
Required Parameters:
| Parameter | Description | Example |
|---|---|---|
| userId | The ID of the user | 00u1234567890abcde |
Expire Password
Force a user to change their password on next login.
Required Parameters:
| Parameter | Description | Example |
|---|---|---|
| userId | The ID of the user | 00u1234567890abcde |
Reset Forgotten Password
Initiate password reset for a user who has forgotten their password.
Required Parameters:
| Parameter | Description | Example |
|---|---|---|
| userId | The ID of the user | 00u1234567890abcde |
| Send Email | Send email to user once password is reset | True |
Group Management
List All Groups
Retrieve a list of all groups in your Okta organization.
Optional Parameters:
| Parameter | Description | Example |
|---|---|---|
| limit | Maximum number of results | 50 |
| filter | Filter expression | type eq "OKTA_GROUP" |
| search | Search groups by name | marketing |
| after | Cursor for pagination | (from previous response) |
Response: Returns array of group objects.
List Group Members
Retrieve all users within a specific group.
Required Parameters:
| Parameter | Description | Example |
|---|---|---|
| Group | The name of the group | Sales Team |
Optional Parameters:
| Parameter | Description | Example |
|---|---|---|
| Limit | Maximum number of results | 50 |
| After | Cursor for pagination | (from previous response) |
Response: Returns array of user objects in the group.
Add/Remove User from Group
Add or remove a user from a group. Can be used as part of onboarding/offboarding workflows.
Required Parameters:
| Parameter | Description | Example |
|---|---|---|
| Group | The name of the group | Sales Team |
| User | The user to be added or removed | John Doe |
Use Cases
Onboarding Workflows
- Automatically create new user accounts
- Assign users to appropriate groups
- Set up initial credentials and access
Offboarding Workflows
- Deactivate user accounts
- Remove users from groups
- Suspend or revoke access
User Management
- Update user profile information
- Reset passwords
- Manage user status (active, suspended, deactivated)
Access Control
- Manage group memberships
- Control access to resources
- Enforce policy compliance
Troubleshooting
Common Issues
Authentication Failed
- Verify that your API token is prefixed with 'SSWS '
- Ensure your Base URL starts with 'https://'
- Check that your API token hasn't expired
User Not Found
- Verify the userId is correct
- Ensure you have permissions to access the user
Permission Denied
- Confirm your API token has sufficient permissions
- Check that your Okta admin account has the necessary privileges
Security Best Practices
- Store API tokens securely and never share them
- Use IP restrictions when possible to limit token usage
- Regularly rotate API tokens
- Monitor API token usage for suspicious activity
- Follow the principle of least privilege when assigning permissions
Support
For additional assistance with the Okta connector:
- Contact your Leena AI support team
- Refer to Okta's official API documentation
- Check Leena AI knowledge base for connector updates
Last Updated: November 2025
Updated about 19 hours ago