It's possible to sync Okta groups into PhishingBox as target groups. Follow the steps below to configure an Okta integration on PhishingBox:
- Log into Okta and make a note of the Okta domain (this can be found in the global header located in the upper-right corner of the dashboard).
- Generate an API token by navigating to Security > API > Tokens and click the "Create token" button.
NOTE: The token owner must have one or more of the following admin roles assigned: Group Membership Administrator, API Access Management Admin, Report Admin, Help Desk Admin, Read-only admin, App Admin, Group Admin, Org Admin, and/or Super Admin.
- Input an appropriate token name and click "Create Token". A pop-up will appear with a token value. Click the clipboard icon to copy this value.
NOTE: This will be the only time you can access this token value, copy and save it in a secure location.
- Log into PhishingBox and navigate to Administration > Integration Store and click the “Setup” button on the Okta card.
- Set "Active" to "Yes".
- Input the “Okta Domain” and the “Api Token” in the respective fields
- Click “Test”.
- If the test succeeds you will be presented with a list of the groups from your Okta tenant. If you have a large amount of groups, you will have to search for the groups you want to sync.
- Select the groups you would like to sync and click “Save”.
The groups you have selected to sync will enter the queue. It may take several minutes to sync, depending on the number of targets and/or groups.
NOTE: Users that are in a "Deactivated" state will not be synced in. Users that are in any other state (active or suspended, for example) will be pulled into PhishingBox.
Comments
0 comments
Please sign in to leave a comment.