Prerequisites
- The user granting these permissions must have super admin privileges
Standard integrations are configured with read-only permissions. Super admin permissions are limited to the API scopes specified in the steps below. Use a service account (and not an employee account) with the suggested privileges for the integration to ensure continuity.
Create an Oleria Application in Okta
1
Create a new app integration
Login to the Okta admin console, navigate to Applications, and select Create App Integration.

2
Select API Services
Select API Services and select Next.

3
Name the application
Give the App Integration Name as “Oleria” and select Save.

4
Configure client credentials
In the Oleria app, go to General → Client Credentials → select Edit.
- Set Client authentication to Public key / Private key
- Select Add Key to generate a key
- Save the Client ID - you will need it when connecting in Oleria
Make sure there is only one key active for this application. The integration will not pull data if there are multiple active keys.

5
Generate a public key
Add a public key by selecting Generate new key.

6
Save the private key
Save the key in PEM format and select Copy to clipboard. You will need this private key when connecting in Oleria.
You will need to generate a new key if you forget to copy or lose the key.

7
Grant API scopes
Go to Okta API Scopes and grant the following permissions:
8
Grant remediation permissions (optional)
To perform remediations, grant the following additional permissions:To disable dormant accounts:To remove dormant accounts from groups:To validate that the Oleria app has been granted group management permission:
9
Assign the Super Administrator role
Go to Admin roles, select Edit assignments, and add the Super Administrator role.
While both super admin and read-only administrator roles can retrieve user information, read-only administrators have limited access to administrator metadata. Specifically, read-only administrators cannot retrieve user role assignments via the API.

Connect Okta to Oleria
1
Open the integration
Go to your Oleria workspace, select Integrations → select Okta.

2
Provide your credentials
Select Continue and provide the following:
- Org URL - your Okta URL (do not use the Okta admin URL)
- Client ID - copied from the app configuration above
-
Private key - copied from the app configuration above

3
Confirm the connection
Find the newly integrated Okta instance in your Oleria workspace connected integrations.


