Okta Configuration

Follow these steps to analyze Okta objects with Cartography.

  1. Prepare your Okta API token.

    1. Generate your API token by following the steps in the Okta Create An API Token documentation.

    2. Populate an environment variable with the API token. You can pass the environment variable name via CLI with the --okta-api-key-env-var parameter.

    3. Use the CLI --okta-org-id parameter with the organization ID that you wish to query. The organization ID is the first part of the Okta URL for your organization.

    4. If you are using Okta to administer AWS as a SAML provider, the module will automatically match OktaGroups to the AWSRole they control access for.

      • If you are using a regex other than the standard Okta group-to-role regex ^aws\#\S+\#(?{{role}}[\w\-]+)\#(?{{accountid}}\d+)$ defined in Step 5: Enabling Group Based Role Mapping in Okta, you can specify your own regex with the --okta-saml-role-regex parameter.
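
One way to check a group-to-role pattern against your group names before passing it to --okta-saml-role-regex (an added example, not Cartography's own code). It assumes the {{role}} and {{accountid}} placeholders stand for named capture groups; the function names and sample group names are constructed for illustration.

```python
import re

# Default template as written on this page; {{role}} and {{accountid}} are placeholders.
DEFAULT_TEMPLATE = r"^aws\#\S+\#(?{{role}}[\w\-]+)\#(?{{accountid}}\d+)$"

# Constructed sample group names (not from a real Okta org).
SAMPLE_GROUPS = [
    "aws#prod#ReadOnly#123456789012",
    "aws#dev#Admin-Role#210987654321",
    "aws#a#b#Auditor#123456789012",      # \S+ may itself contain '#'
    "aws#prod#ReadOnly",                 # no account id: must not map
    "xaws#prod#ReadOnly#123456789012",   # pattern is anchored at 'aws'
    "Engineering",                       # ordinary group: must not map
]


def compile_role_regex(template):
    # Assumption: each placeholder names a capture group, so (?{{role}}...)
    # becomes the Python form (?P<role>...). Both placeholders are required.
    pattern = template.strip()
    for name in ("role", "accountid"):
        placeholder = "{{" + name + "}}"
        if placeholder not in pattern:
            raise ValueError(f"template is missing {placeholder}")
        pattern = pattern.replace(placeholder, f"P<{name}>")
    return re.compile(pattern)


def group_to_role_arn(group_name, regex):
    # Return the role ARN a group name maps to, or None when it does not match.
    m = regex.search(group_name)
    if m is None:
        return None
    # Standard IAM role ARN; assumes the 'aws' partition and no role path.
    return f"arn:aws:iam::{m.group('accountid')}:role/{m.group('role')}"


def preview_mapping(group_names, template=DEFAULT_TEMPLATE):
    # Map every name so unmatched groups and unexpected matches are both visible.
    regex = compile_role_regex(template)
    return {name: group_to_role_arn(name, regex) for name in group_names}


if __name__ == "__main__":
    for name, arn in preview_mapping(SAMPLE_GROUPS).items():
        print(f"{name!r:40} -> {arn}")
```

Review the preview for group names that map to a role you did not intend; an unanchored or overly broad custom pattern shows up here as extra non-None entries.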