Machine to Machine
Connect Okta (Machine to Machine) to Zluri
Machine-to-Machine (M2M) communication in Okta is an authorization method that allows backend services, applications, and/or devices to communicate securely without user intervention.
This is primarily achieved through the Client Credentials Grant flow of OAuth 2.0.
Prerequisites
- Super Admin privileges in Okta
- Okta Developer Edition organization
Integration steps
Create an Okta service app integration
-
Log in to Okta with a Super Admin account.
-
In the Admin Console, go to Applications → Applications, and then click Create App Integration.
-
Under Sign-in method, select API Services, then click Next.
-
Enter a name for your app integration and click Save.
-
Copy the Client ID and store it securely. We'll use it in the final phase of the integration.
Generate a public and private key pair
-
Under Client authentication, select Public key / Private key, then click Add key.
-
Click Generate new key.
-
Copy and securely save the value of kid, without the quotes (") and comma at the end.
This will go under the Key ID field later in the connection process.
-
Under the Private key section, click on PEM, then Copy to clipboard and securely save the key. Click Done.
-
Click Save.
-
Click Edit under General Settings.
Grant scopes and privileges
-
In the Okta API Scopes tab, grant the following scopes:
okta.users.read
okta.groups.read
okta.apps.read
okta.logs.read
okta.roles.read
okta.domains.read
-
Under the Admin roles tab, click Edit assignments.
-
Add the following roles and click Save changes:
-
API Access Management Administrator
-
Read-only Administrator
-
Read Role Admin
; Set Resource set toRole
.
-
Connect the Okta M2M instance in Zluri
-
Open the Integrations Catalog, search for “okta”, and click ➕ Connect under Okta (Machine to Machine).
-
Choose the scopes for the integration, and click Continue. You can click the down-arrow button towards the right of a scope to find out what it does.
-
Enter the previously generated Client ID, Private key, and Key ID here.
Base URL: if you access Okta using
https://mycorp.okta.com/
, enter it here. If you aren't sure, consult this doc to find your Okta base URL. -
Give the connection a name and description, and you’re ready to go!
Got questions? Feel free to submit a ticket or contact us directly at [email protected].
Updated 5 days ago