Fortinet black logo

External Systems Configuration Guide

Adding Users from Okta

Adding Users from Okta

Create an Okta API Token

  1. Log in to Okta using your Okta credentials.
  2. Got to Administration > Security > API Tokens.
  3. Click Create Token.
    You will use this token when you set up the Okta login credentials in the next section. Note that this token will have the same permissions as the person who generated it.

Create Login Credentials and Associate Them with an IP Address

  1. Log in to your Supervisor node.
  2. Go to ADMIN > Setup > Credentials.
  3. Enter a Name.
  4. For Device Type, select Okta.com.
  5. For Access Protocol, select Okta API.
  6. Enter the NetBIOS/Domain associated with your Okta account.
    For example, FortiSIEM.okta.com.
  7. For Pull Interval, enter how often, in minutes, you want FortiSIEM to pull information from Okta.
  8. Enter and reconfirm the Security Token you created.
  9. Click Save.
    Your LDAP credentials will be added to the list of Credentials.
  10. Under Enter IP Range to Credential Associations, click Add.
  11. Select your Okta credentials from the list of Credentials.
  12. Enter the IP range or host name for your Okta account.
  13. Click OK.
    Your Okta credentials will appear in the list of credential/IP address associations.
  14. Click Test Connectivity to make sure you can connect to the Okta server.

Discover Okta Users

If the number of users are less than 200, then Test Connectivity will discover all the users.

Okta API has some restrictions that does not allow FortiSIEM to pull more than 200 users. In this case, follow these steps:

  1. Login to Okta.
  2. Download user list CSV file (OktaPasswordHealth.csv) from Admin > Reports > Okta Password Health.
  3. Rename the CSV file to all_user_list_%s.csv (where %s is the placeholder of token obtained in Create an Okta API Token - Step 3, for example, all_user_list_00UbCrgrU9b1Uab0cHCuup-5h-6Hi9ItokVDH8nRRT.csv).
  4. Login to FortiSIEM Supervisor node:
    1. Upload csv file all_user_list_%s.csv to this directory /opt/phoenix/config/okta/
    2. Make sure the permissions are admin and admin (Run "chown -R admin:admin /opt/phoenix/config/okta/")
    3. Go to ADMIN > Setup > Enter IP Range to Credential Associations. Select the Okta entry and run Test connectivity to import all users.

Adding Users from Okta

Adding Users from Okta

Create an Okta API Token

  1. Log in to Okta using your Okta credentials.
  2. Got to Administration > Security > API Tokens.
  3. Click Create Token.
    You will use this token when you set up the Okta login credentials in the next section. Note that this token will have the same permissions as the person who generated it.

Create Login Credentials and Associate Them with an IP Address

  1. Log in to your Supervisor node.
  2. Go to ADMIN > Setup > Credentials.
  3. Enter a Name.
  4. For Device Type, select Okta.com.
  5. For Access Protocol, select Okta API.
  6. Enter the NetBIOS/Domain associated with your Okta account.
    For example, FortiSIEM.okta.com.
  7. For Pull Interval, enter how often, in minutes, you want FortiSIEM to pull information from Okta.
  8. Enter and reconfirm the Security Token you created.
  9. Click Save.
    Your LDAP credentials will be added to the list of Credentials.
  10. Under Enter IP Range to Credential Associations, click Add.
  11. Select your Okta credentials from the list of Credentials.
  12. Enter the IP range or host name for your Okta account.
  13. Click OK.
    Your Okta credentials will appear in the list of credential/IP address associations.
  14. Click Test Connectivity to make sure you can connect to the Okta server.

Discover Okta Users

If the number of users are less than 200, then Test Connectivity will discover all the users.

Okta API has some restrictions that does not allow FortiSIEM to pull more than 200 users. In this case, follow these steps:

  1. Login to Okta.
  2. Download user list CSV file (OktaPasswordHealth.csv) from Admin > Reports > Okta Password Health.
  3. Rename the CSV file to all_user_list_%s.csv (where %s is the placeholder of token obtained in Create an Okta API Token - Step 3, for example, all_user_list_00UbCrgrU9b1Uab0cHCuup-5h-6Hi9ItokVDH8nRRT.csv).
  4. Login to FortiSIEM Supervisor node:
    1. Upload csv file all_user_list_%s.csv to this directory /opt/phoenix/config/okta/
    2. Make sure the permissions are admin and admin (Run "chown -R admin:admin /opt/phoenix/config/okta/")
    3. Go to ADMIN > Setup > Enter IP Range to Credential Associations. Select the Okta entry and run Test connectivity to import all users.