Okta Plugin for User Risk Exchange

Okta Plugin for User Risk Exchange

This document explains how to configure the Okta integration with the User Risk Exchange module of the Netskope Cloud Exchange platform. Actions such as Add to Group, Remove from Group, Push Risk Scores, and No Actions can be performed on the users. The Push risk score enables actions via group membership changes used in Okta Authentication Policies when Netskope identifies a risky user, and to share risk signals with Okta Identity Threat Protection.

Prerequisites

To complete this configuration, you need:

  • A Netskope tenant (or multiple, for example, production and development/test instances) that is already configured in Cloud Exchange.
  • A Netskope Cloud Exchange tenant with the User Risk Exchange module already configured.
  • Advanced UEBA already configured on your Netskope tenant.
  • Your Okta Domain and API Token for performing group operations.
  • For Push Risk Score:
    • The public key generated in the steps here is to be hosted publicly.
    • Netskope Advanced UEBA license refer the link for more information.
    • Okta Identity Protection license refer the link for more information.
  • Connectivity to the following hosts:
    • https://<user>.oktapreview.com/

    • https://<user>.okta.com/

    • https://<user>.okta-emea.com/

    Note

    You only need any one of these URLs for the plugin.

Compatibility

Netskope CE: v4.2.0, v5.0.1

Okta Plugin Support

Okta does not support pulling of User or Host scores. This plugin supports performing actions on the user.

Type of data pulled None
Actions
  • Add to group
  • Remove from group
  • Push risk score
  • No actions
Score Mapping
Netskope Score Mapping
Score Level
0 – 250 Critical
251 – 500 High
501 – 750 Medium
751 – 1000 Low
Netskope-Okta Mapping
Netskope Okta
Critical (0 – 250) high
High (251 – 500) high
Medium (501 – 750) medium
Low – (751 – 1000) low
None (NA) none
Permissions

For configuring the API Token, make sure you have super admin access to your account.

API Details
List of APIs used
API Detail Method Endpoint
Get All Users GET /api/v1/users
Get All Groups GET /api/v1/groups
Create Group POST /api/v1/groups
Add to Group PUT /api/v1/groups/<group_id>/users/<user_id>
Remove from Group DELETE /api/v1/groups/<group_id>/users/<user_id>
Generate Security Provider POST /api/v1/security-events-providers
Fetch all Security Events Provider GET /api/v1/security-events-providers
Update Security Events Provider PUT /api/v1/security-events-providers/{provider_id}
Push Risk Score POST /security/api/v1/security-events

Generating SET Token – for Push Risk Score Action: SET Token will be generated using the JWT library with the RS256 Algorithm and the event schema: https://schemas.okta.com/secevent/okta/event-type/user-risk-change

Get All Users

Endpoint: {{base_url}}/api/v1/users
Method: GET
Data:

Parameter Value
limit 200

Headers:

Key Value
Accept application/json
Content-Type application/json
okta-response omitCredentials, omitCredentialsLinks, omitTransitioningToStatus
Authorization SSWS <TOKEN>

Sample Response:

[
    {
        "id": "00ua91artpqbRy3J61d7",
        "status": "STAGED",
        "created": "2023-09-27T09:50:36.000Z",
        "activated": null,
        "statusChanged": null,
        "lastLogin": null,
        "lastUpdated": "2023-09-27T12:24:26.000Z",
        "passwordChanged": null,
        "type": {
            "id": "oty72m75ugKF1nf6T1d7"
        },
        "profile": {
            "firstName": "KeshavTest",
            "lastName": "KeshavTest",
            "mobilePhone": null,
            "secondEmail": null,
            "login": "keshavtest@hackermob.co.in",
            "email": "keshavtest@hackermob.co.in"
        },
        "credentials": {
            "provider": {
                "type": "OKTA",
                "name": "OKTA"
            }
        },
        "_links": {
            "self": {
                "href": "https://cae-netskope.oktapreview.com/api/v1/users/00ua91artpqbRy3J61d7"
            }
        }
    }
]

Get All Groups

Endpoint: {{base_url}}/api/v1/groups
Method: GET
Params:

Parameter Value
limit 200
filter type eq “OKTA_GROUP”

Headers:

Key Value
Accept application/json
Content-Type application/json
Authorization SSWS <TOKEN>

Sample Response:

[
    {
        "id": "00g8lfgw3bGRdOEIw1d7",
        "created": "2023-06-20T09:31:38.000Z",
        "lastUpdated": "2023-06-20T09:31:38.000Z",
        "lastMembershipUpdated": "2023-10-18T10:47:25.000Z",
        "objectClass": [
            "okta:user_group"
        ],
        "type": "OKTA_GROUP",
        "profile": {
            "name": "addchiragtogroup",
            "description": "Created From Netskop URE"
        },
        "_links": {
            "logo": [
                {
                    "name": "medium",
                    "href": "https://op3static.oktacdn.com/assets/img/logos/groups/odyssey/okta-medium.30ce6d4085dff29412984e4c191bc874.png",
                    "type": "image/png"
                },
                {
                    "name": "large",
                    "href": "https://op3static.oktacdn.com/assets/img/logos/groups/odyssey/okta-large.c3cb8cda8ae0add1b4fe928f5844dbe3.png",
                    "type": "image/png"
                }
            ],
            "users": {
                "href": "https://cae-netskope.oktapreview.com/api/v1/groups/00g8lfgw3bGRdOEIw1d7/users"
            },
            "apps": {
                "href": "https://cae-netskope.oktapreview.com/api/v1/groups/00g8lfgw3bGRdOEIw1d7/apps"
            }
        }
    },
]
Create a Group

Endpoint: {{base_url}}/api/v1/groups
Method: POST
Data:

  "profile": {
    "name": "<GROUP NAME>",
    "description": "GROUP DESCRIPTION"
  }
}

Headers:

Key Value
Accept application/json
Content-Type application/json
Authorization SSWS <TOKEN>

Sample Response:

{
    "id": "00gdpnanjcFNe98yE1d7",
    "created": "2024-03-28T04:06:24.000Z",
    "lastUpdated": "2024-03-28T04:06:24.000Z",
    "lastMembershipUpdated": "2024-03-28T04:06:24.000Z",
    "objectClass": [
        "okta:user_group"
    ],
    "type": "OKTA_GROUP",
    "profile": {
        "name": "West Coast Users2",
        "description": "West Coast Users"
    },
    "_links": {
        "logo": [
            {
                "name": "medium",
                "href": "https://op3static.oktacdn.com/assets/img/logos/groups/odyssey/okta-medium.30ce6d4085dff29412984e4c191bc874.png",
                "type": "image/png"
            },
            {
                "name": "large",
                "href": "https://op3static.oktacdn.com/assets/img/logos/groups/odyssey/okta-large.c3cb8cda8ae0add1b4fe928f5844dbe3.png",
                "type": "image/png"
            }
        ],
        "users": {
            "href": "https://cae-netskope.oktapreview.com/api/v1/groups/00gdpnanjcFNe98yE1d7/users"
        },
        "apps": {
            "href": "https://cae-netskope.oktapreview.com/api/v1/groups/00gdpnanjcFNe98yE1d7/apps"
        }
    }
}
Add to a Group

Endpoint: {{base_url}}/api/v1/groups/{{group_Id}}/users/{{user_Id}}
Method: PUT
Data: NA
Headers:

Key Value
Accept application/json
Content-Type application/json
Authorization SSWS <TOKEN>

Sample Response:

204 - <No Content>
Remove from a Group

Endpoint: {{nase_url}}/api/v1/groups/{{group_Id}}/users/{{user_Id}}
Method: DELETE
Data: N/A
Headers:

Key Value
Accept application/json
Content-Type application/json
Authorization SSWS <TOKEN>

Sample Response:

204 <No Content>
Generate a Security Provider

Endpoint: {{base_url}}/api/v1/security-events-providers
Method: POST
Data:

 {
    "name": "Netskope Security Events Provider",
    "type": "Netskope",
    "settings": {
        "issuer": "",
        "jwks_url": "JWKS URL"
        
    }
  }

Headers:

Key Value
Accept application/json
Content-Type application/json
Authorization SSWS <TOKEN>

Sample Response:

{
    "id": "ssedpne7xpmtBACBk1d7",
    "name": "Netskope Security Events Provider",
    "type": "App",
    "status": "ACTIVE",
    "settings": {
        "issuer": "https://tanushree12.pythonanywhere.com",
        "jwks_url": "https://tanushree12.pythonanywhere.com/jwks"
    },
    "_links": {
        "self": {
            "href": "https://cae-netskope.oktapreview.com/api/v1/security-events-providers/ssedpne7xpmtBACBk1d7",
            "hints": {
                "allow": [
                    "GET",
                    "PUT",
                    "DELETE"
                ]
            }
        },
        "deactivate": {
            "href": "https://cae-netskope.oktapreview.com/api/v1/security-events-providers/ssedpne7xpmtBACBk1d7/lifecycle/deactivate",
            "hints": {
                "allow": [
                    "POST"
                ]
            }
        }
    }
}
Fetch all Security Events Providers

Endpoint: {{base_url}}/api/v1/security-events-providers
Method: GET
Data: N/A
Headers:

Key Value
Accept application/json
Content-Type application/json
Authorization SSWS <TOKEN>

Sample Response:

[
    {
        "id": "ssedv9tn73Q679Pvw1d7",
        "name": "SecurityABC",
        "type": "App",
        "status": "ACTIVE",
        "settings": {
            "issuer": "https://netskope-tech.workflows.okta.com/api/flo/b8a6fc8f1a6446fe0074fa7fc783150c/invoke",
            "jwks_url": "https://netskope-tech.workflows.okta.com/api/flo/b8a6fc8f1a6446fe0074fa7fc783150c/invoke"
        },
        "_links": {
            "self": {
                "href": "https://cae-netskope.oktapreview.com/api/v1/security-events-providers/ssedv9tn73Q679Pvw1d7",
                "hints": {
                    "allow": [
                        "GET",
                        "PUT",
                        "DELETE"
                    ]
                }
            },
            "deactivate": {
                "href": "https://cae-netskope.oktapreview.com/api/v1/security-events-providers/ssedv9tn73Q679Pvw1d7/lifecycle/deactivate",
                "hints": {
                    "allow": [
                        "POST"
                    ]
                }
            }
        }
    },
    {
        "id": "ssedwd2i36lLkzfrJ1d7",
        "name": "Netskope Security Events Provider",
        "type": "Netskope",
        "status": "ACTIVE",
        "settings": {
            "issuer": "https://trial-5192595.workflows.okta.com/",
            "jwks_url": "https://trial-5192595.workflows.okta.com/api/flo/932a84212b5fc8c633c2255859fa565e/invoke"
        },
        "_links": {
            "self": {
                "href": "https://cae-netskope.oktapreview.com/api/v1/security-events-providers/ssedwd2i36lLkzfrJ1d7",
                "hints": {
                    "allow": [
                        "GET",
                        "PUT",
                        "DELETE"
                    ]
                }
            },
            "deactivate": {
                "href": "https://cae-netskope.oktapreview.com/api/v1/security-events-providers/ssedwd2i36lLkzfrJ1d7/lifecycle/deactivate",
                "hints": {
                    "allow": [
                        "POST"
                    ]
                }
            }
        }
    }
]
Update a Security Events Provider

Endpoint: {{base_url}}/api/v1/security-events-providers/{provider_id}
Method: PUT
Data:

{
   "name":"Netskope Security Events Provider",
   "type":"Netskope CE",
   "settings":{
      "issuer":"https://tanushree1234.pythonanywhere.com",
      "jwks_url":"https://tanushree1234.pythonanywhere.com/jwks"
   }
}

Headers:

Key Value
Accept application/json
Content-Type application/json
Authorization SSWS <TOKEN>

Sample Response:

{
    "id": "ssedv9tn73Q679Pvw1d7",
    "name": "SecurityABC",
    "type": "Netskope CE",
    "status": "ACTIVE",
    "settings": {
        "issuer": "https://tanushree1234.pythonanywhere.com",
        "jwks_url": "https://tanushree1234.pythonanywhere.com/jwks"
    },
    "_links": {
        "self": {
            "href": "https://cae-netskope.oktapreview.com/api/v1/security-events-providers/ssedv9tn73Q679Pvw1d7",
            "hints": {
                "allow": [
                    "GET",
                    "PUT",
                    "DELETE"
                ]
            }
        },
        "deactivate": {
            "href": "https://cae-netskope.oktapreview.com/api/v1/security-events-providers/ssedv9tn73Q679Pvw1d7/lifecycle/deactivate",
            "hints": {
                "allow": [
                    "POST"
                ]
            }
        }
    }
}
Push a Risk Score

Endpoint: {{base_url}}/security/api/v1/security-events
Method: POST
Data: <SET TOKEN>
Headers:

Key Value
Accept application/json
Content-Type application/json

Sample Response:

202 response
User Agent

The user agent added for this plugin is in the following format:

netskope-ce-<ce_version>-<module>-<plugin>-<plugin_version>

Example:

netskope-ce-5.0.1-ure-okta-v1.1.0

Workflow

  1. Configure an Okta Entity Risk Policy.
  2. Create an Okta User.
  3. Get your API Token.
  4. Get your Okta Domain.
  5. Generate a JWKS Public and Private Key.
  6. Get your Issuer and JWKS URL.
  7. Host the Public Key.
  8. Configure the Okta plugin.
  9. Configure a Business Rule.
  10. Configure Actions.
  11. Validate the Okta plugin.

Click play to watch a video.

 

Configure an Okta Entity Risk Policy

To add the Okta Entity Risk Policy refer to the below links, make sure to choose the detection as Security Events Provider Reported Risk.
https://help.okta.com/oie/en-us/content/topics/itp/detections.htm?cshid=csh-detections
https://help.okta.com/oie/en-us/content/topics/itp/add-entity-risk-policy-rule.htm

Create an Okta User

  1. Log in to Okta and go to Directory > People. Click Add Person and enter your information, and then click Save.
  2. Once the user is created it will be listed on the People page. Click on your user and go to Admin Roles and click on Add individual admin privileges.
  3. In the Role dropdown select the Super Administrator and click on save.

Get your API Token

  1. Log in to Okta and click Admin.
  2. Go to Security > API from the left panel and click Create Token.
  3. Enter any token name and click on Create Token.
  4. Copy the token value as it will only be visible once and it will be used further for plugin configuration.

Get your Okta Domain

You can get the Okta domain from the top left corner of your Okta page, click on your username and you will see a Base URL below your Username.

Note

Make sure to use https:// with your Okta domain when you use it in your plugin.

Generate a JWKS Public and Private Key Pair (Required for Push Risk Score Action for Okta Identity Threat Protection)

The Push Risk Score requires the public key to be hosted on a public URL. Here is one way of generating the Public and Private key pair.

  1. Go to https://mkjwk.org/
  2. Specify the following values to generate the key pair from the RSA tab:
    • Key Size: 2048
    • Key Use: Signature
    • Algorithm: RS256
    • Key ID: SHA-256
    • Show X.509: Yes
  3. Click Generate.
  4. Copy and make a note of the Public Key. Host this Public Key on a public URL. This public URL will be required for the sharing configuration. The Base URL used for posting the Public Key will be used as the Issuer URL.
  5. Scroll down, copy, and make a note of Private Key (X.509 PEM Format) as this will be required in the sharing configuration. Don’t use the Copy to Clipboard button; instead, copy manually as it may include \n for line break which will result in invalid OEM format while using in the plugin configuration).

Note

It’s required that the Public Key is in JWK format (to be hosted publicly), and that the Private Key be in PEM format.

JWKS Format

{
    "keys": 
    [
      
    ]
}

Get your Issuer and JWKS URL (Required for Push Risk Score Action)

You need to Host the Public Key on a publicly hosted URL. Here are the steps which can be used for creating the API endpoint in the Okta workflow for the Okta User Risk Exchange plugin where the public API endpoint will be used as publicly hosted JWKS URL.

Host the Public Key

  1. Log in to Okta and go to the admin console by clicking Admin in the top right corner.
  2. Go to Workflow > Workflow console in the left panel.
  3. Select the Flow tab from the top panel.
  4. Click New Flow.
  5. Click Add Event.
  6. Select API Endpoint.
  7. The API endpoint settings dialog opens. Select the Security level as None (public service) and click Close.
  8. Click Add function.
  9. Search for Return raw in the search box and select Return Raw function form the list.
  10. Now make the below changes in the header and body of the Return Raw function:
    1. Paste the below content in the headers field:
      {
        "Content-Type": "application/json"
      }
      
    2. Paste the public key in the JWKS format in the body:
      {
         "keys":[
            {
               "kty":"RSA",
               "e":"AQAB",
               "use":"sig",
               "kid":"1pXZQNc3YiNjWUD2rZ2WqFNQzBANcSzrGhrlhBExLzA",
               "alg":"RS256",
               ************"n":"g5r_OAU9OE-ybhedeFDWv7XGKmF18R6JUFXmOKO0TWlkR2wfhtA8vXCH0il60ICUNmZV_axnnqUjzGezF_3D6coNt1NEocCiaYeX46tdJCLg8ac9furS0g-VbftPcg6DpkwrIN5t1UphNlPvkxhnmfMYxzSo9Pq_Sb0LPImL2h9a32Iw-GY2Zr69ctNQxhghR6_Aqaps5iQRqjAPs3CQ"
            }
         ]
      }
      

  11. Click Save at the top and enter a name for the flow.
  12. Expand the Flow is Off menu on the top and turn it on.

  13. Copy the Invoke URL from the Endpoint settings, and click on the </> button to open the Endpoint settings.

  14. The public key will be hosted on the public URL, and you can view it using the invoke URL. Copy the URL and paste it in your browser as shown below in the next point.
  15. The tenant URL of the Okta account used for hosting the public key will be used as the Issuer URL. Make a note of the tenant URL.

Configure the Okta Plugin

  1. In Cloud Exchange go to Settings > Plugins.
  2. Search for and select the Okta Plugin box.
  3. Enter the following parameters in the Basic Information section.
    • Configuration Name: Enter a name for the configuration.
    • Sync Interval: Enter the time at which the plugin will be synced.

  4. Click Next, and enter the plugin Configuration Parameters for authenticating:
    • Okta Domain: Enter the Okta Domain obtained previously.
    • API Token: Enter the API Token generated previously.

  5. Click Next and set the score range from the Select Range page (recommend keeping the default).
  6. Click Save.

Create a User Risk Exchange Business Rule for Okta

Use a Business Rule to filter out the users on which you want to perform actions. Follow these steps to configure a business rule.

  1. Go to Risk Exchange > Business Rules and click on Create New Group.
  2. Enter a name, add the filters based on your requirement, and then click Save.

Configure User Risk Exchange Actions for Okta

Following is the list of available actions for the Okta plugin.

Add to Group

Whenever an action triggers, this action adds users to the group that has been mentioned while creating the action configuration.

  1. Go to User Risk Exchange > Actions and click Add Action Configuration.
  2. Select your Business Rule.
  3. Select the Okta Plugin configured earlier as the Configuration.
  4. Select Action as Add to group.
  5. Select an existing group in the Group dropdown to add the user to an existing group, or select Create new group.
  6. If you’re creating a new group, enter a Group Name for the Group parameter.
  7. Click Save.

Remove from Group

Whenever an action triggers, this action removes users from the group that has been mentioned while creating the action configuration.

  1. Go to User Risk Exchange > Actions and click Add Action Configuration.
  2. Select your Business Rule.
  3. Select the Okta Plugin configured earlier as the Configuration.
  4. Select Action as Remove from the group.
  5. Select a group from the Group dropdown to remove the users that match the Business Rule for the selected group.
  6. Click Save.

Push Risk Score

Whenever an action triggers, this action pushes the current and the previous score level of the user to Okta (provided the user exists on the Okta tenant).

Note

The scores will only be pushed for a user if the user is available on Okta. If the user score is pushed for the first time, the value for the previous_level will be none in Okta.

Follow the below steps to perform the Push Risk Score Action on Okta users.

  1. Go to User Risk Exchange > Actions and click Add Action Configuration.
  2. Select your Business Rule.
  3. Select the Okta Plugin configured earlier as the Configuration.
  4. Select Action as a Push risk score
  5. Enter these parameters:
    • Plugin Configuration Name: The Configuration Name whose current and previous score will be shared with Okta
    • Issuer URL: The URL that is used for hosting the JWK Public Key publicly (Okta tenant URL used for hosting public key in this case).
    • JWKS URL: The URL where the JWK Public Key is hosted publicly (invoke URL in this case).
    • Private Key: Private Key (PEM format) corresponding to the Public Key hosted publicly.



  6. Click Save.

No Action

This action will not perform any kind of action on users. Users can use this action to generate the UBA alerts in the Netskope Ticket Orchestrator module.

Validate the Okta Plugin

Perform Actions

  1. To validate in Cloud Exchange, go to Risk Exchange > Action Logs.
  2. Go to Logging and check for the logs in the User Risk Exchange Okta plugin.
  3. To validate in Okta, open the Okta Admin Section.
  4. Click on Groups. After finding the group that you have selected while in action configuration. Here you can check the groups created, and the user added in the groups or removed from the group.

  5. To verify the Push risk score, go to the Reports System Log. The logs for push risk score action will have Partner reported risk as the Event info.
  6. Go to Reports > Reports, scroll down to Identity Threat Protection, and click Entity Risk Report.
  7. Check the Entity Risk Detections, you will be able to see all the push Risk scores for the user.

    Note

    It takes time to reflect the pushed scores under the Entity Risk Detections in Okta after the action is performed in Cloud Exchange.

Troubleshooting

Here is a list of error messages and solutions of what to do if the error occurs in the Okta plugin.

Not able to save the sharing configuration and receiving the below error in the loggers:URE Okta [URE Okta]: Received error code 400. Error Summary: Api validation failed: name. Error Causes: [{'errorSummary': 'name: Security Events Provider name must be unique'}].


You can receive this error if a sharing configuration with destination Okta is currently present on Cloud Exchange, or was earlier created and deleted.
Cause: While creating the sharing configuration, a new Security Event Provider is created on Okta tenants with the name – “Netskope Security Events Provider”.
But the Okta Netskope URE accepts a single 1:1 mapping of sharing with the security event provider.

  • What to do: Delete the existing Security Event Provider from the Okta platform in order to edit or create a new sharing configuration with Okta in Cloud Exchange. Follow these steps to delete the existing Security Event Provider:
    1. Log in to your Okta Tenant.
    2. Go to Security > Device Integrations.
    3. Click on Receive shared signals tab
    4. For the shared signal named “Netskope Security Events Provider”, expand Actions and select Delete.

After this, you can create a new sharing configuration on User Risk Exchange for the Okta plugin, or edit the existing one.

URE Okta [configuration_name]: Received error code 400. Error Summary: Api validation failed: settings.jwksUrl. Error Causes: [{'errorSummary': 'settings.jwksUrl: Is not a valid URL. Valid example: http://www.okta.com'}]

What to do: Verify the Public Key hosted on the public URL.

URE Okta [URE Okta]: Unable to establish connection with Okta platform while 'Fetching Key ID'. Proxy server or Okta server is not reachable. Error: HTTPConnectionPool(host='35.172.183.204', port=8080): Max retries exceeded with url: /jwks (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7f075a904430>: Failed to establish a new connection: [Errno 111] Connection refused'))

What to do: Check the site where you have hosted the public key. If you are using a script, make sure the script is up and running.

URE Okta [URE Okta]: Received error code 400. Error Summary: Error Summary not available. Error: invalid_key. Error Description: No matching key was found in JWKS uri, kid=8s4cciA4UPIN7aVyTwVEhE9JTUSL87XALbCY9SUKvws.

What to do: This specifies that the private key provided in the Action configuration does not match with its public key pair provided in the configuration, or the public key is not hosted properly. Regenerate the public and private key or verify the public and private key added, and then make sure that the hosted key is accessible.

URE Okta [Okta]: Group with ID '00ga2i326jTvm8sxV1d7' does not exist on Okta.

What to do: If you receive the above error, that means that the group name provided in the action configuration does not exist on the Okta platform, change the group name or create the same group on Okta.
URE Okta [URE Okta]: Invalid Private Key provided, make sure the Private Key is in PEM format.
What to do: If you received the above error, that means the private key provided is invalid or is not in a valid PEM format.

URE Okta [Okta]: Invalid Okta Domain provided.

What to do: If you received the above error, that means the Okta Domain provided in the plugin configuration is invalid.

URE Okta [Okta]: Validation error occurred. Error: Authentication failed, check the API Token provided.

What to do: If you received the above error, that means the Okta API Token provided in the plugin configuration is invalid.

Limitations

The plugin does not allow saving the Push Risk Score action configuration in the following scenarios:

  • If the Public and Private Key pair is incorrect
  • If the Netskope Security Events provider already exists on the platform with a different issuer and JWKS pair than provided in the configuration.
  • If the Issuer and JWKS pair provided already exists on the platform with a different Security Event Provider.
Share this Doc

Okta Plugin for User Risk Exchange

Or copy link

In this topic ...