fix permissions and add risk scoring

DeCohen · DeCohen · commit f016bc1bf0d0 · 2025-08-25T10:44:29.000+03:00
diff --git a/ATPDocs/okta-integration.md b/ATPDocs/okta-integration.md
@@ -26,17 +26,27 @@ Your Okta environment must have one of the following licenses:
 - Enterprise
 
 
+> [!NOTE]
+> The **Identity details** page in the Microsoft Defender portal shows user risk scores only if the **Identity Threat Protection with Okta AI** feature is enabled. For more information, see [Risk scoring (Okta Identity Engine)](https://help.okta.com/oie/en-us/content/topics/security/security_risk_scoring.htm).
+
+
+
 ### Okta roles 
 
 The Super Admin role is required only to create the API token. After you create the token, remove the role and assign the Read-Only Administrator and Defender for Identity custom roles for ongoing API access.
 
 
-### Microsoft Entra roles
+### Microsoft Entra and Defender XDR role-based access options
+To configure the Okta connector in Microsoft Defender for Identity, your account must have either of the following access configurations assigned:
+
+- **Microsoft Entra roles:**
+
+    - Security Operator
+    - Security Admin
 
-To successfully set up the Okta connector, ensure that your account has one of the following Microsoft Entra roles assigned:
+- **Defender XDR Unified RBAC permission:**
 
-- Security Operator
-- Security Admin
+    - Core security settings (manage)
 
 ### Connect Okta to Microsoft Defender for Identity
 
