Documentation Index

Fetch the complete documentation index at: https://docs.databee.buzz/llms.txt

Use this file to discover all available pages before exploring further.

Okta SSO

  • Updated on Jun 11, 2026
  • Published on Jun 9, 2026
  • 3 minute(s) read
Prev Next

Okta Single Sign-On (SSO) is an identity and access management solution that enables users to securely access multiple applications using one set of login credentials. It simplifies user authentication, improves security through centralized access control, and enhances user experience by reducing the need to manage multiple passwords. For more information on okta, refer here.

Integration Method: API

Tables: Authentication (3002), User Access Management (3005), Group Management (3006), User Inventory Info (5003)

This integration supports the following events.

Event

Description

Users

This event retrieves user information along with groups assigned to user.

Apps with Users

This event retrieves application information along with users assigned to the app.

Apps with Groups

This event retrieves application information along with groups assigned to the app.

Signin Logs

This event retrieves user authentication information.

This integration supports the following versions.

Okta SSO API version

v1

Note:

Okta SSO is a continuously updated service. As for this document preparation, the latest release was in May 5, 2026. More information can be found here.

Prerequisites

  • The user should have access to Okta Admin Console with Administrator privileges.

  • The user should have access to the DataBee console.

Configuration Overview

  1. Generate client credentials in okta.

  2. Add the Okta SSO in the DataBee console with the below parameters.

    DataBee Parameter

    Okta SSO Parameter

    Issuer ID

    Client ID

    Subject ID

    Client ID

    Audience

    Replace <instance> with your okta url

    Private Key

    Private Key

    Key ID

    kid

Okta SSO Configuration

  1. Login to Okta Admin Console, from the user profile option on top-right corner, copy the API Base URL for later use to interact with the APIs.
     

  2. In the left-hand navigation menu, go to Applications > Applications.
     

  3. Click on Create App Integration button to create a new application.
     

  4. Select API Services as sign-in method from the options and click Next.
     

  5. Enter a descriptive name for application and click Save.
     

  6. After the application is created, navigate to the Okta API Scopes tab. Grant the following scopes by clicking Grant next to each. For each scope confirm the grant by clicking Grant Access in the confirmation dialog.

    Scope Name

    Description

    okta.logs.read

    Read access to system logs

    okta.users.read

    Read access to user profiles

    okta.groups.read

    Read access to groups

    okta.apps.read

    Read access to applications



  7. Verify that all four scopes are listed as Granted in the Okta API Scopes tab.
     

  8. Navigate to Admin roles tab for the application and click on Edit assignments.
     

  9. Select Read-only Administrator role from the list.
     

  10. Click on Save Changes once the role is provided.
     

  11. Navigate to General tab of application, and in the “Client Credentials” section, click Edit.
     

  12. Under Client authentication, select Public / Private key, and then click Edit on Public Keys section.
     

  13. In “Public keys” section, select Add key.
     

  14. In “Add a public key” dialog, select Generate new key.
     

  15. Once the key is generated, copy the JSON content of private key and store kid from public key for later use.
     

    Note:

    Copy the private key and store in secure location for later use. This will not be visible again.

  16. Click on Save in both the dialogs (Public Keys & Client credentials) to save the key generation.
     

  17. Scroll down to General Settings section and click on Edit.
     

  18. Locate the Require Demonstrating Proof of Possession (DPoP) header in token requests option and uncheck the checkbox and then click on Save.
     

  19. Scroll to top of application, and under “Client Credentials” section, copy the Client ID for later use.
     

DataBee Configuration

  1. Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.


  2. Search for the Okta SSO and click it as shown below.
     

  3. Click on the API Ingest option for collection method.
     

  4. Enter feed contact information and scroll down.
     

  5. In the configuration page, confirm the following:

    • API Base URL: This is the base URL that DataBee will interact with. Replace <instance> with your okta instance url.

    • Authorization Method: JWT Auth

    • Token URL: Replace <instance> with your okta instance url.

    • Issuer ID: Replace it with client id copied previously.

    • Subject ID: Replace it with client id previously.

    • Audience: Replace it with Token URL.

    • Private Key: Replace it with private key copied previously.

    • Key ID: Replace it with kid of public/private key.

    • Event Types: Preselected for all the event types that integration pulls.
       

  6. Click on Test Connection and once it passes, click on Submit.
     

Troubleshooting Tips

  • Ensure the Issuer ID, Subject ID, Private Key and Key ID are pasted correctly. Since you cannot view the Private Key after the 1st time, re-create the Public / Private Key pair, paste it on a text editor to ensure no spaces or unexpected characters are included and reconfigure the DataBee feed

  • Ensure the Okta SSO scopes/permissions are correct.

Copyright © 2026 DataBee®, A Comcast Company.
DataBee® is a registered trademark of Comcast.