VOOZH about

URL: https://www.cdata.com/kb/tech/okta-cloud-acl-analytics.rst

⇱ Connect to Okta Data in ACL Analytics


Connect to Okta Data in ACL Analytics

πŸ‘ Stanley Liu
Stanley Liu
Associate Technical Product Marketer
Connect to Okta data via CData Connect AI in ACL Analytics to run your data analysis workflows with real-time access to Okta data.

ACL Analytics, part of Diligent HighBond, is a powerful data analysis software primarily used for audit, risk management, and compliance. It enables professionals to examine and analyze large volumes of data to identify anomalies, trends, and potential risks or fraudulent activities.

CData Connect AI offers a dedicated cloud-to-cloud interface for Okta, enabling analytics directly from live Okta data within ACL Analytics, all without the need for data replication to a native database. With its inherent optimized data processing capabilities, CData Connect AI efficiently channels all supported SQL operations, including filters and JOINs, directly to Okta. This leverages server-side processing to swiftly deliver the requested Okta data.

Configure Okta Connectivity for ACL Analytics

Connectivity to Okta from ACL Analytics is made possible through CData Connect AI. To work with Okta data from ACL Analytics, we start by creating and configuring a Okta connection in CData Connect AI.

  1. Log into Connect AI, click Sources, and then click Add Connection
  2. πŸ‘ Adding a Connection
  3. Select "Okta" from the Add Connection panel
  4. πŸ‘ Selecting a data source
  5. Enter the necessary authentication properties to connect to Okta. Enter the necessary authentication properties to connect to Okta.

    To connect to Okta, set the Domain connection string property to your Okta domain.

    You will use OAuth to authenticate with Okta, so you need to create a custom OAuth application.

    Creating a Custom OAuth Application

    From your Okta account:

    1. Sign in to your Okta developer edition organization with your administrator account.
    2. In the Admin Console, go to Applications > Applications.
    3. Click Create App Integration.
    4. For the Sign-in method, select OIDC - OpenID Connect.
    5. For Application type, choose Web Application.
    6. Enter a name for your custom application.
    7. Set the Grant Type to Authorization Code. If you want the token to be automatically refreshed, also check Refresh Token.
    8. Set the callback URL:
      • For desktop applications and headless machines, use http://localhost:33333 or another port number of your choice. The URI you set here becomes the property.
      • For web applications, set the callback URL to a trusted redirect URL. This URL is the web location the user returns to with the token that verifies that your application has been granted access.
    9. In the Assignments section, either select Limit access to selected groups and add a group, or skip group assignment for now.
    10. Save the OAuth application.
    11. The application's Client Id and Client Secret are displayed on the application's General tab. Record these for future use. You will use the Client Id to set the OAuthClientId and the Client Secret to set the OAuthClientSecret.
    12. Check the Assignments tab to confirm that all users who must access the application are assigned to the application.
    13. On the Okta API Scopes tab, select the scopes you wish to grant to the OAuth application. These scopes determine the data that the app has permission to read, so a scope for a particular view must be granted for the driver to have permission to query that view. To confirm the scopes required for each view, see the view-specific pages in Data Model < Views in the Help documentation.
    πŸ‘ Configuring a connection (Salesforce is shown)
  6. Click Save & Test
  7. Navigate to the Permissions tab in the Add Okta Connection page and update the User-based permissions. πŸ‘ Updating permissions

Add a Personal Access Token

When connecting to Connect AI through the REST API, the OData API, or the Virtual SQL Server, a Personal Access Token (PAT) is used to authenticate the connection to Connect AI. It is best practice to create a separate PAT for each service to maintain granularity of access.

  1. Click on the Gear icon () at the top right of the Connect AI app to open the settings page.
  2. On the Settings page, go to the Access Tokens section and click Create PAT.
  3. Give the PAT a name and click Create. πŸ‘ Creating a new PAT
  4. The personal access token is only visible at creation, so be sure to copy it and store it securely for future use.

With the connection configured and a PAT generated, you are ready to connect to Okta data from ACL Analytics.

Connect to Okta from ACL Analytics

The steps below outline connecting to CData Connect AI from ACL Analytics to create a new Okta data source. The CData Connect AI Virtual SQL Server allows you to establish a connection to your data from integration tools that support connections to SQL servers. The Virtual SQL Server mimics the behavior of a traditional SQL server, and it supports a range of query options.

  1. With your Analytics File open, select 'Import' --> 'Database and application' πŸ‘ Creating a new data source
  2. Create a new connection
  3. Set the connection information
    • Server: tds.cdata.com
    • Port: 14333
    • Auth Scheme: Password
    • Username: a Connect AI user, for example, [email protected]
    • Password: the PAT for the above Connect AI user
    • Database: the name of your Okta connection, for example, Okta1
    πŸ‘ Connecting to Connect AI
  4. Click "Test Connection"
  5. Click "OK"
  6. You are now ready to work with your Okta data in ACL Analytics! πŸ‘ See your data in ACL Analytics

Live connections to Okta data from your applications

ACL Analytics can now connect to live Okta data directly through Connect AI, allowing you to analyze Okta data without duplicating it.

To get live data access to hundreds of SaaS, Big Data, and NoSQL sources directly from your applications, try CData Connect AI today!