To synchronize with an Okta tenant, you must authorize Barracuda CloudGen Access to access your data. This requires obtaining an API token from Okta using an administrative account. Read-only administrative permissions are sufficient for running a connector. For added security, Barracuda Networks recommends creating a separate service account with limited permissions, and generating an API token from this account. The token will remain valid indefinitely, unless invalidated from the Okta console. The API token should be passed using the variable okta-auth-token
.
To synchronize with an Okta tenant, follow these steps:
Obtain an administrative account for your Okta tenant.
Create a separate service account with read-only administrative permissions.
Generate an API token from the service account created in step 2.
Pass the API token using the variable
okta-auth-token
when prompted by the Barracuda CloudGen Access connector.Verify that the synchronization is successful.
For added security, Barracuda Networks recommends invalidating the token if it is no longer in use.
You also need to provide the domain name assigned to your organization in Okta, usually something like exampleorg.okta.com
, in a variable called okta-domainname
.
docker run -it fydeinc/fyde-connector --enrollment-token='https://enterprise.fyde......' --okta-auth-token='eAJ4q2wc......' --okta-domainname='exampleorg.okta.com' 2019-08-30 23:06:42 - Running Fyde Connector version 1.0.0 2019-08-30 23:06:42 - Initializing Sync Manager for connector https://enterprise.fyde.com/connectors/v1/connectorid1 .... 2019-08-30 23:07:42 - Ran module <sources.okta.SyncModule object at 0x1066555b0> successfully, next run in 900 seconds
Okta Directory Parameters
Key | Default | Type | Description |
| string | This is an Okta API token, and it is required to sync with Okta Directories. | |
| string | This is the domain assigned to your organization inside Okta. Something like: exampleorg.okta.com. |
See also General parameters.