Okta

Integrate Okta with Asset Panda to sync user directories and enable single sign-on (SSO) for secure, centralized access. Map Okta attributes such as ID, name, email, and department to matching Asset Panda fields, and assign a unique identifier to prevent duplicate records. Start with a full import, then run delta syncs to update only changed records; apply department, group, or status filters to limit which accounts load. Enable Okta-based logins and combine role-based or custom permissions to control access, while keeping directories aligned with Azure AD and Google Workspace integrations.

Integrating Asset Panda with Okta allows you to configure sync, map attributes, and enable Okta logins:

  • User Data Sync: Sync Okta user records into Asset Panda; apply filters by department, status, or group to limit which accounts load. Perform a full initial import, then run delta syncs to update changed records only.

  • Field Mapping: Map Okta attributes such as ID, name, email, and department to matching Asset Panda fields. Designate a unique identifier to match records and prevent duplicate entries.

  • Okta Logins: Enable Okta-based single sign-on to grant secure, seamless access to Asset Panda and enforce access with role-based or custom permissions.

Prerequisites

  • Active Asset Panda subscription.

  • Okta is deployed.

  • Admin access to Asset Panda with permission to add integrations and map fields.

  • Admin access to Okta with permission to create API credentials or authorize external applications.

  • Choose a unique identifier (for example, Okta user ID or email) for record matching.

  • Defined filter scope for initial load (department, group, or status).

Limitations

  1. Collection-time filters support only department, group, and status.

  2. Login-access user loads accept group filters only.

Generate an Okta API token

  1. Create an API token to authenticate Asset Panda.

  2. Sign in to the Okta Admin Console.

  3. Open Security > API and select the Tokens tab.

  4. Click Create Token.

  5. Enter a descriptive token name.

  6. (Optional) Add network restrictions by IP address or CIDR range to limit token usage.

  7. Click Create Token.

  8. Copy the token value immediately and store it in a secure location such as a secrets manager or encrypted vault. Okta displays the token only once; Okta stores a hashed value afterward.

If you lose the token, revoke the token and create a new one. Consider adding network restrictions and limiting token scope where possible.

Add Okta integration in Asset Panda

Configure Asset Panda to use the Okta API token and verify the connection.

  1. Sign in to Asset Panda as an admin.

  2. Go to Settings > Account Management.

  3. Under the relevant module, click Manage next to Integrations.

  4. Open the Integration Store.

  5. Locate the Okta tile and click Add.

  6. Go to the Integrations in this module tab.

  7. Click Configure next to Okta.

  8. Paste the URL and the token obtained from the Okta API admin console.

  9. Click Test and save connection.

  10. If the test passes, click Continue with Mapping.

  11. Click Add Mapping Option. The Mapping Option window appears.

  12. Choose one of the following mapping options:

    1. To create an Asset Panda user from Okta with login access:

      1. Click Create an Asset Panda user from Okta with login access.

      2. Enter a name in the Mapping Name field.

      3. In the User Role Mapping section,

      4. Under the Okta section, select a user group (e.g., Okta administrators).

      5. In the User Role field, map a role for the corresponding user group.

      6. Similarly map the Okta field with Asset Panda user field.

      7. After mapping the fields, click Save, If you want to synchronize more data with Okta, click Sync more data with Okta.

    2. To import users as reference records without login access:

      1. Click Create Asset Panda users from Microsoft Entra ID with login access.

      2. Enter a name in the Mapping Name field.

      3. In the External Entity dropdown, select the entity type (e.g., Mobile Devices).

      4. In the Collection dropdown, select a collection (e.g., Azure Users).

      5. Proceed to Mapping Fields.

      6. To add more fields, click Add More Mapping Columns.

  13. Click Save.

User Deprovisioning & Status Handling

Asset Panda manages user deactivation based on user lifecycle events in Okta and the availability of user data through Okta APIs and system logs.

  1. Deactivated users: If a user is deactivated in Okta, the user is deactivated in Asset Panda during the next sync.

  2. Deleted users: Okta exposes deleted user information through system logs rather than a persistent deleted-users endpoint. Asset Panda can deactivate deleted users only if the deletion event is available in Okta logs at the time of sync.

Important: To ensure reliable deprovisioning, it is recommended to run frequent syncs (daily or weekly). If Okta logs are purged or removed, deleted user information is no longer accessible, and Asset Panda cannot retrieve or deactivate those users.

Note: Asset Panda does not independently delete users. All deprovisioning actions depend on the data exposed by Okta.

PreviousMicrosoft Entra ID IntegrationNextWarranty Management

Last updated