Kubiya LogoKubiya Developer Docs
Integrations/Identity providers

Okta Integration

Learn how to set up Okta authentication and user synchronization with Kubiya.

Okta Integration

This guide will walk you through setting up Okta integration with Kubiya. This integration provides:

  1. Authentication using your company's Okta credentials
  2. Automatic user synchronization between Okta and Kubiya

Enable Okta Login

Create an Okta Application

  1. Log in to your Okta Admin Dashboard
  2. Navigate to Applications > Applications
  3. Click the Create App Integration button
  4. Select OIDC - OpenID Connect as the Sign-in method
  5. Choose Web Application as the Application type
  6. Click Next
Create Okta Application

Configure the Okta Application

  1. Name your application (e.g., "Kubiya")
  2. Enter the following details:
    • Sign-in redirect URIs: https://<your-kubiya-domain>/api/auth/callback/okta
    • Sign-out redirect URIs: https://<your-kubiya-domain>/auth/signout/okta
    • Trusted Origins: https://<your-kubiya-domain>
  3. Under Assignments, select either:
    • Allow everyone in your organization to access (for all users)
    • Limit access to selected groups (to restrict access)
  4. Click Save
Configure Okta Application

Configure Kubiya

  1. Log in to your Kubiya Admin Dashboard
  2. Navigate to Settings > Authentication
  3. Enable the Okta Integration toggle
  4. Enter the following details:
    • Okta Domain: Your Okta domain URL
    • Client ID: The Client ID from your Okta application
    • Client Secret: The Client Secret from your Okta application
  5. (Optional) Configure additional settings:
    • Default User Role: Select the default role for new users
    • Auto-create Users: Enable to automatically create user accounts
  6. Click Save Changes
Configure Kubiya for Okta

Enable Users Auto-Sync

User auto-sync allows Kubiya to automatically create, update, and deactivate user accounts based on your Okta user directory.

Create an Okta API Token

  1. Log in to your Okta Admin Dashboard
  2. Navigate to Security > API
  3. Select the Tokens tab
  4. Click Create Token
  5. Enter a name for your token (e.g., "Kubiya User Sync")
  6. Note down the generated token value (this will only be shown once)
Create Okta API Token

Configure User Sync in Kubiya

  1. Log in to your Kubiya Admin Dashboard
  2. Navigate to Settings > Authentication > Okta Integration
  3. Locate the User Synchronization section
  4. Enable the Auto-Sync Users toggle
  5. Enter the Okta API token created in Step 1
  6. Configure sync settings:
    • Sync Interval: How often Kubiya will check for user changes (default: 1 hour)
    • User Groups: Optionally restrict sync to specific Okta groups
    • Default Role: The role assigned to new users
    • Auto-Deactivate: Whether to deactivate Kubiya users when deactivated in Okta
  7. Click Save
Configure User Sync Settings

After completing these steps, your Okta integration with Kubiya should be fully configured. Users from your Okta organization will be able to log in to Kubiya using their Okta credentials, and user accounts will be automatically synchronized.

If you encounter any issues during the setup process, please contact the Kubiya support team for assistance.

On this page