Availability

Package: Invicti AppSec Core (on-demand), Invicti AppSec Enterprise (on-premise, on-demand)

Okta

Integrate Invicti AppSec to Okta

  1. Enter the Okta Admin panel.
  2. Click Applications > Applications from the left menu.
  3. Click Create App Integration.
  4. Select OIDC - OpenID Connect as the Sign-in method.
  5. Select Web Application as the Application type. Then click the Next button.
  6. Enter {YOUR_INVICTI_AppSec_HOST}/login/okta in the Sign-in redirect URIs field.
  7. Enter {YOUR_INVICTI_AppSec_HOST}/logout/okta in the Sign-out redirect URIs field.
  8. Select "Allow everyone in your organization to access" as Controlled Access in the Assignments section.
  9. Uncheck "Enable immediate access with Federation Broker Mode". Then click the Save button.
  10. Copy the Client ID value to a safe place.
  11. Click the Generate new secret button.
  12. Copy the Client secret value to a safe place.
  13. Go to the Sign On menu.
  14. Scroll down and click the Edit button in the OpenID Connect ID Token panel.
  15. For the Groups claim filter, select Matched regex and enter ".*".
  16. Click the Save button.
  17. Select Directory > Groups from the left menu.
  18. Click the Add group button and create the groups below:
    • InvictiAppSecAdmin
    • InvictiAppSecProductOwner
    • InvictiAppSecManager
    • InvictiAppSecTeamLead
    • InvictiAppSecDeveloper
    • InvictiAppSecPentester
  19. Assign users to the groups.
  20. Select Applications from the left menu and select the "invictiappsec" app integration.
  21. Go to the Assignments menu.
  22. Assign all created groups to the "invictiappsec" application.
  23. Click the Done button.
  24. Switch to Invicti AppSec. Complete the Okta integration by entering the Okta Trial URL, Client ID, Client Secret, and Issuer URL, and defining roles at the bottom. You can get the Issuer URL from the API screen.
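
The Groups claim filter ".*" set in the steps above matches every group name, so the ID token carries all of a user's group memberships, not only the six Invicti AppSec groups. The Python script below is an added example, not code from Invicti or Okta: it decodes a token payload and separates the group names the integration maps from those released without being needed. The claim name `groups`, whole-name regex matching, the comparison pattern `InvictiAppSec.*`, and the sample memberships and token are assumptions constructed for the demonstration.

```python
import base64
import json
import re

# The six groups this page creates in Okta.
INVICTI_GROUPS = {
    "InvictiAppSecAdmin", "InvictiAppSecProductOwner", "InvictiAppSecManager",
    "InvictiAppSecTeamLead", "InvictiAppSecDeveloper", "InvictiAppSecPentester",
}

def decode_claims(id_token):
    """Decode a JWT payload for inspection only; this does not verify the signature."""
    parts = id_token.split(".")
    if len(parts) != 3:
        raise ValueError("expected a compact JWT with three segments")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def released_groups(memberships, claim_filter):
    """Model the regex filter; whole-name matching is an assumption of this example."""
    pattern = re.compile(claim_filter)
    return sorted(g for g in memberships if pattern.fullmatch(g))

def audit_groups_claim(claims):
    """Split the groups claim into names the integration maps and names it does not."""
    groups = claims.get("groups", [])  # claim name "groups" is assumed
    if isinstance(groups, str):
        groups = [groups]
    return {
        "mapped": sorted(g for g in groups if g in INVICTI_GROUPS),
        "unneeded": sorted(g for g in groups if g not in INVICTI_GROUPS),
    }

def sample_token(memberships, claim_filter):
    """Build a constructed, unsigned token shaped like an ID token for the demo."""
    def seg(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    claims = {"sub": "user@example.com", "groups": released_groups(memberships, claim_filter)}
    return ".".join([seg({"alg": "RS256"}), seg(claims), "constructed-signature"])

# Constructed memberships for one user; only two are Invicti AppSec groups.
MEMBERSHIPS = ["Everyone", "Finance-Payroll", "InvictiAppSecDeveloper", "InvictiAppSecPentester"]

if __name__ == "__main__":
    for claim_filter in (".*", "InvictiAppSec.*"):  # second pattern is hypothetical
        report = audit_groups_claim(decode_claims(sample_token(MEMBERSHIPS, claim_filter)))
        print(f"{claim_filter!r}: mapped={report['mapped']} unneeded={report['unneeded']}")
```

To audit a real deployment, pass an ID token captured from a test login to `decode_claims` and review the `unneeded` list.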

Generate a token in Okta

  1. In the admin panel, select API under the Security dropdown tab.
  2. Go to the Tokens tab and click the Create Token button.
  3. Name the token as you wish and click the Create Token button.
  4. Copy the Token Value to a safe place and click the green OK, got it button.
