Skip to content

Commit 72b9e62

Browse files
DeCohenDeCohen
committed
add okta role and entra role sections
1 parent 3ea65b3 commit 72b9e62

File tree

1 file changed

+9
-4
lines changed

1 file changed

+9
-4
lines changed

ATPDocs/okta-integration.md

Lines changed: 9 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,9 @@ ms. reviewer: Himanch
1010

1111
This page explains how to connect Microsoft Defender for Identity to your Okta account using the Unified Connectors experience. This connection provides visibility into Okta activity and enables shared data collection across Microsoft security products. The Unified Connectors experience allows Defender for Identity to collect Okta system logs once and share them with other supported Microsoft security products, such as Microsoft Sentinel. This reduces API usage, avoids duplicate data collection, and simplifies connector management. For more information, see [Unified connectors overview](/azure/sentinel/unified-connector?branch=pr-en-us-302665#unified-collector-service).
1212

13+
> [!NOTE]
14+
> If your Okta environment is already integrated with [Microsoft Defender for Cloud Apps](/defender-cloud-apps/protect-okta), connecting it to Microsoft Defender for Identity can cause duplicate Okta data, such as user activity, to appear in the Defender portal.
15+
1316
## Prerequisites
1417

1518
Before connecting your Okta account to Microsoft Defender for Identity, make sure the following prerequisites are met:
@@ -20,11 +23,13 @@ Your Okta environment must have one of the following licenses:
2023

2124
- Enterprise
2225

23-
> [!NOTE]
24-
> - The Super Admin role is required only to create the API token. After you create the token, remove the role and assign the Read-Only Administrator and Defender for Identity custom roles for ongoing API access.
25-
> - If your Okta environment is already integrated with [Microsoft Defender for Cloud Apps](/defender-cloud-apps/protect-okta), connecting it to Microsoft Defender for Identity can cause duplicate Okta data, such as user activity, to appear in the Defender portal.
2626

27-
## Required Microsoft Entra roles
27+
### Okta roles
28+
29+
The Super Admin role is required only to create the API token. After you create the token, remove the role and assign the Read-Only Administrator and Defender for Identity custom roles for ongoing API access.
30+
31+
32+
## Microsoft Entra roles
2833

2934
To successfully set up the Okta connector, ensure that your account has one of the following Microsoft Entra roles assigned:
3035

0 commit comments

Comments
 (0)