Okta Connector

This document focuses on setting up the integration with Okta and ingesting User details.

  1. Create an API token from the Okta interface

An API token is needed when creating an Okta integration, so create the token in advance. The process to create a REST API token for Okta is described here. To create an API token, follow these steps:

  • Sign in to your Okta organization as a user with administrator privileges. API tokens have the same permissions as the user who creates them, and if the user permissions change, the API token permissions also change. See the section on Privilege level, regarding the use of a service account when creating an API token, to specifically control the privilege level associated with the token.

  • In the Admin Console, select Security > API from the menu and then select the Tokens tab.

  • Click Create Token.

  • Name your token and click Create Token.

  • Record the token value. This is the only opportunity to see it and record it.

  2. Create an Okta Integration

  • Go to Settings > Integration > New Integration

  • Provide the following details

Name: Name of the integration

Endpoint: Provide the Okta URL you need to connect to

Public: Determines whether the integration can be used outside the firewall

Description: Enter the description (Optional)

  • Click Next

  • Enter the Authentication details

  1. Access Token: Enter the access token.

  • Click OK

  3. Create an Okta Data Source

    1. Go to Settings > DataSource > New Data Source

    2. Search and Select “Okta”

    3. Enter the General details:

Name: Enter the name of the DataSource

Type: Select the Type i.e. DownStream or UpStream

Integration: Select the Integration created in the previous step

Functions: User Learning, User Group Learning or User Profile Learning

Schedule: Select the schedule on which you want the DS to run.

Public Domain: Enter the public domain. If a data source is marked with a public domain name, any KB ingested from DS will come up as a hint to a related question to the bot.

Description: Enter the description you want to give to the DS.

Note - Other configuration options are not needed.

    4. Go to the DataSource created and start the Data Source as shown below:

    5. Default Mappings.

There is a set of default mappings for each Learning Function; however, it is better to create new field mappings according to the data you wish to extract from the JSON entries.

Users:

User Profiles:

User Groups:

Setup Okta SSO

1. Okta Setup Overview

The Okta integration is necessary for authentication and application provisioning, and can also be used as a reference in email group management actions. To restrict access to the Aisera AISM UI and the webchat channel, Okta can also be configured as an SSO endpoint.

This document describes the two use cases below:

  • Integration with Aisera for user and application management (requires specific roles to be assigned to the service account)

      • View user profile

      • Unlock account/Password Reset

      • Assign user access to applications and optionally add user to Okta security groups

  • Configuring access to the Aisera system via Okta SSO

2. Okta Integration with Aisera

This process describes how to obtain an access token from Okta.

To obtain the Access Token requested in the table below, follow the instructions at https://developer.okta.com/docs/guides/create-an-api-token/main/.

The following is a summary of the steps:

  1. Log in as super administrator to your organization's Okta URL

  2. Create a new user (Service Account for Aisera)

  3. Assign the roles to the Service Account depending on the desired capabilities

Okta Roles (Function: Required Role)

View user profile: Org Admin

Unlock account/Password Reset: Org Admin

Application Provisioning/Adding users to Okta security groups: Org Admin and App Admin

  4. Log in to your organization's Okta URL as the newly created user

  5. Click on Admin (top right of the page)

  6. Select the menu option Security -> API

  7. Click Create token, which will create a token with the authorization privileges of the user creating the token (in this case, the Aisera Service Account)

  8. Give the token a meaningful name with datetime for reference (e.g., AiseraServiceAccount_022721)

  9. The token value is shown only once, so copy it and save it before dismissing the popup

  10. Send us the organization Okta URL, the newly created account name, and the newly created token by encrypted email (preferably in separate emails)

Create the service account which can be used to pull data.

System Details

Endpoint: OKTA URL for your organization

Access Token:
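A least-privilege check for the token described in both token sections above, as an added example (not Okta's or Aisera's code): it confirms the token belongs to the dedicated service account and that the account's admin roles match the Okta Roles table. The capability keys, login names and sample JSON are constructed, and listing roles may need an admin who is allowed to read role assignments.

```python
import json
import urllib.request
from urllib.parse import urlsplit

# Role types needed per capability, taken from the "Okta Roles" table on this page.
# The capability keys are names chosen for this example.
REQUIRED_ROLES = {
    "view_user_profile": {"ORG_ADMIN"},
    "unlock_or_reset": {"ORG_ADMIN"},
    "provisioning_and_groups": {"ORG_ADMIN", "APP_ADMIN"},
}

def okta_get(endpoint, token, path):
    """Build a GET request that carries the API token in the SSWS Authorization header."""
    parts = urlsplit(endpoint)
    if parts.scheme != "https" or not parts.hostname:
        raise ValueError("Okta endpoint must be an https:// URL")
    return urllib.request.Request(
        f"https://{parts.hostname}{path}",
        headers={"Authorization": f"SSWS {token}", "Accept": "application/json"},
    )

def audit_token(user, roles, expected_login, capabilities):
    """Return findings; an empty list means the token matches the intended service account."""
    findings = []
    login = user.get("profile", {}).get("login", "")
    if login.lower() != expected_login.lower():
        findings.append(f"token owner is {login}, expected {expected_login}")
    if user.get("status") != "ACTIVE":
        findings.append(f"owner status is {user.get('status')}")
    needed = set().union(*(REQUIRED_ROLES[c] for c in capabilities))
    assigned = {r["type"] for r in roles}
    findings += [f"missing role {r}" for r in sorted(needed - assigned)]
    findings += [f"excess role {r}" for r in sorted(assigned - needed)]
    return findings

def audit_live(endpoint, token, expected_login, capabilities):
    """Fetch the token owner and its admin roles from the org, then audit them."""
    def fetch(path):
        with urllib.request.urlopen(okta_get(endpoint, token, path), timeout=10) as resp:
            return json.load(resp)
    user = fetch("/api/v1/users/me")  # the user the token was created by
    roles = fetch(f"/api/v1/users/{user['id']}/roles")
    return audit_token(user, roles, expected_login, capabilities)

# Constructed sample data (not real Okta output): a token created from a
# personal super administrator account instead of the service account.
SAMPLE_USER = {"id": "00u-constructed", "status": "ACTIVE",
               "profile": {"login": "jane.admin@example.com"}}
SAMPLE_ROLES = [{"type": "SUPER_ADMIN"}]
```

Run `audit_live` once before handing the token over; any finding means the token should be revoked and recreated from the service account.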

3. Okta SSO Setup

The information obtained in this section can be used for two purposes:

  • SSO authentication to access the Aisera AISM UI

  • SSO authentication to access the Aisera Webchat channel

3.1. Aisera AISM UI SSO Setup

To configure access to the Aisera AISM UI using SSO authentication, use the information available in the table below and fill out the missing information.

Send back this information to your Aisera partner and they can configure SSO for your Aisera tenant.

SSO configuration (for Aisera AISM UI)

Entity ID: https://<tenant>.login.aisera.cloud/

ACS Endpoint URL: https://<tenant>.login.aisera.cloud/aisera/ssoLoginCallback

Identity Provider Single Sign-On URL:

Default Relay: https://<tenant>.login.aisera.cloud/

Login URL: (Typically, same as Login URL)

Logout URL:

X.509 Certificate: (Certificate should be the full text value including “---END CERTIFICATE---”)

3.2. Aisera Webchat SSO Setup

To configure access to the Aisera Webchat using SSO authentication, use the information available in the table below and fill out the missing information.

Send back this information to your Aisera partner and they can configure SSO for your Aisera tenant.

SSO configuration (for Aisera Webchat)

Entity ID: https://<tenant>.login.aisera.cloud/

ACS Endpoint URL: https://<tenant>.login.aisera.cloud/aisera/ssoLoginCallback

Identity Provider Single Sign-On URL:

Default Relay: https://tenant.chatbot.aisera.cloud/awc/js?t=b9dcb23e-bf49-5719-bb22-5730fcc6f350&embed (This URL is just an example; you should get the correct URL from your Aisera partner)

Login URL: (Typically, same as Login URL)

Logout URL:

X.509 Certificate: (Certificate should be the full text value including “---END CERTIFICATE---”)
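A pre-flight check for the X.509 Certificate value in both SSO tables, as an added example (not Aisera's code): it rejects a pasted block that lost its BEGIN/END line or part of its body, and returns a SHA-256 fingerprint to compare with the identity provider's over a separate channel. The function names are chosen for this example and the sample is a constructed placeholder, not a real certificate.

```python
import hashlib
import ssl

def der_declared_length(der):
    """Total size claimed by the outer DER SEQUENCE header, or -1 if it is not a SEQUENCE."""
    if len(der) < 2 or der[0] != 0x30:
        return -1
    first = der[1]
    if first < 0x80:                      # short form: a single length byte
        return 2 + first
    n = first & 0x7F                      # long form: n length bytes follow
    if n == 0 or len(der) < 2 + n:
        return -1
    return 2 + n + int.from_bytes(der[2:2 + n], "big")

def check_pasted_certificate(pem_text):
    """Return (sha256_hex_or_None, problems) for a certificate pasted into the SSO table."""
    try:
        # Raises ValueError when the BEGIN or END CERTIFICATE line is missing
        # or the base64 body cannot be decoded.
        der = ssl.PEM_cert_to_DER_cert(pem_text.strip())
    except ValueError as exc:
        return None, [f"not a complete PEM block: {exc}"]
    problems = []
    declared = der_declared_length(der)
    if declared < 0:
        problems.append("body is not a DER SEQUENCE")
    elif declared != len(der):
        problems.append(f"DER header declares {declared} bytes, got {len(der)}")
    return hashlib.sha256(der).hexdigest(), problems

# Constructed placeholder, NOT a real certificate: a DER SEQUENCE header followed
# by 256 zero bytes, PEM-wrapped so the checks above have something to run on.
SAMPLE_PEM = ssl.DER_cert_to_PEM_cert(b"\x30\x82\x01\x00" + bytes(256))

def drop_line(pem_text, index):
    """Simulate a copy/paste that lost one line of the block (index counts from 0)."""
    lines = pem_text.strip().splitlines()
    return "\n".join(lines[:index] + lines[index + 1:])
```

The returned digest is taken over the DER bytes, the same input `openssl x509 -fingerprint -sha256` hashes, so the two values can be compared directly.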
