okta-api

I'm trying to integrate with Okta SSO by implementing SAML 2.0 in my website as Service Provider (SP) and Okta env. as my Identity Provider (IDP) I can't understand how to configure my IDP to return for each Auth request, the groups a user is in. How can it be done? Also, Is it possible to have service account in my IDP that my backend can ask the IDP directly if a user is inside some specific group? It is possible to add groups to the SAMLResponse by configuring the SP App in the Okta admin dashboard correctly. In order to do it for an existing app, Go to Admin panel and edit the SAML

I have two service providers that I am connecting to Okta in order to manage identities externally. Can you think of a way to configure Okta to accomplish the following: Associate attributes with groups, rather than directly to users. Users within groups would then inherit these attributes. Associate groups with applications, rather than directly associating users with applications. My end goal is to be able to leverage Okta for managing a role store for each service provider. I would expect SAML assertions coming from Okta to be able to be mapped into assertions for individual service

I have followed the guide https://ultimatesecurity.pro/post/okta-saml/ , to configure OKTA Saml with keycloak. After this configuration, I see Okta/saml login button on login page, clicking on which, the user is redirected to Okta login/SSO. Now, is there a way to avoid clicking on this button everytime such that when the keycloak login page appears, user is auto redirected to Okta SSO automatically instead of shown keycloak login form with okta redirect button? If not, is it possible to enter okta username password within the keycloak form fields and keycloak have it validated internally from

I need to authenticate to JIRA using Okta via REST, how can I do that on ruby? It is possible? I never did that before, I just only want to get an attached file from a ticket in JIRA It turns out that you can just send the JSESSIONID cookie from a logged-in user (such as yourself) to the REST API. You can get the cookie manually from the browser, or write a browser extension to get the cookie and then invoke your Ruby script with that cookie's value as a command-line argument. For Chrome, you could use Chrome Native Messaging for this. You should be able to do it by setting up an Application

I have a need to programmatically connect to a customer's SharePoint server that uses OKTA for authentication. I saw this post which looked promising, but cannot seem to get a valid session cookie back from OKTA. I can successfully call the /api/v1/authn endpoint and get back a sessionToken, but when I turn around and call /api/v1/sessions?additionalFields=cookieToken with that session token, I always received a 403 - Forbidden, with the following json: { "errorCode": "E0000005", "errorSummary": "Invalid Session", "errorLink": "E0000005", "errorId": "oaew0udr2ElRfCnZvBFt075SA", "errorCauses":