Sectona PAM integrates with Okta MFA and push-based authentication through an API-based integration. This section covers integrating Okta MFA and push-based authentication with Sectona PAM.
Before you begin
Make sure you have administrator access in the Okta console.
Make sure the user has the Okta Verify app installed on their Android/iOS device for enabling MFA.
User account information must be in sync between Okta and Sectona. Typically, if you are using Active Directory, you will need to sync it with Okta or add users manually using supported methods. To sync the Active Directory, go to Classic UI → Directory → Directory Integrations, where you can add an Active Directory or LDAP directory.
Configuring Okta MFA with Sectona
To configure Okta MFA with a Sectona instance, follow the steps below:
Log in to PAM as an administrator.
Go to Platform Configuration under the Authentication column and click on Multifactor Authentication → Okta
Fill in the following details:
Description: Provide a suitable description for identification.
Sub Domain: Specify the Okta subdomain of your organization.
Timeout (Seconds): Provide the timeout period for communication attempts from the PAM server to the Okta server.
API Key: Enter your Okta API Key Client ID. To get the API Key, log in to the Okta preview portal, go to API → Token → Create Token, and copy the token.
Network Proxy: An internal network proxy can be configured in the Sectona PAM application. For configuring a network proxy, refer to Setting up a network proxy. To configure Okta through a network proxy, enable the network proxy option by selecting the checkbox, then select the network proxy from the drop-down.
Click on Active to activate the configuration.
Click on Save. Okta MFA and push-based authentication will be enabled.
To enable Okta MFA for users, the administrator needs to assign a User Logon Policy with MFA Type set to Okta.
To enable Okta push authentication for users, the administrator needs to assign a User Logon Policy with MFA Type set to Okta Push Authentication.
For more information, refer to Setting up user logon policy.
If you want to use Okta MFA from Sectona PAM's end, use the method described above. This method supports Push and token-based OTP. If you would like to use complete authentication services from Okta, see Okta SAML.
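
The prerequisites and settings above (sub domain, API token, timeout, users in sync, Okta Verify enrolled) can be checked against the Okta API before a logon policy is assigned. The following is an added example, not Sectona's or Okta's own code; the function names, the `domain` parameter, the sample data and the mapping of PAM MFA types to Okta Verify factors are assumptions.

```python
import json
import urllib.parse
import urllib.request

def okta_get(base_url, api_token, path, timeout):
    """GET an Okta API path with the SSWS API-token scheme; return parsed JSON."""
    req = urllib.request.Request(
        base_url + path,
        headers={"Authorization": "SSWS " + api_token, "Accept": "application/json"},
    )
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return json.load(resp)

def mfa_readiness(user, factors):
    """Report which PAM MFA types this Okta user can satisfy.

    Assumption: MFA Type "Okta" relies on the Okta Verify TOTP factor and
    "Okta Push Authentication" relies on the Okta Verify push factor.
    """
    active = {
        f["factorType"]
        for f in factors
        if f.get("provider") == "OKTA" and f.get("status") == "ACTIVE"
    }
    usable = user.get("status") == "ACTIVE"  # suspended or staged users cannot log on
    return {
        "Okta": usable and "token:software:totp" in active,
        "Okta Push Authentication": usable and "push" in active,
    }

def check_user(subdomain, api_token, login, timeout=10, domain="okta.com"):
    """Live check: look the user up by login, then list the enrolled factors."""
    # Assumption: production tenants use okta.com; pass domain="oktapreview.com" for preview.
    base = "https://%s.%s" % (subdomain, domain)
    user = okta_get(base, api_token, "/api/v1/users/" + urllib.parse.quote(login, safe=""), timeout)
    factors = okta_get(base, api_token, "/api/v1/users/%s/factors" % user["id"], timeout)
    return mfa_readiness(user, factors)

# Constructed sample responses (trimmed to the fields used) so the logic runs offline.
SAMPLE_USER = {"id": "00u_example", "status": "ACTIVE"}
SAMPLE_FACTORS = [
    {"factorType": "push", "provider": "OKTA", "status": "PENDING_ACTIVATION"},
    {"factorType": "token:software:totp", "provider": "OKTA", "status": "ACTIVE"},
    {"factorType": "token:software:totp", "provider": "GOOGLE", "status": "ACTIVE"},
]

if __name__ == "__main__":
    print(mfa_readiness(SAMPLE_USER, SAMPLE_FACTORS))
```

In a live run, `check_user` raises `urllib.error.HTTPError` with status 401 when the token is rejected and 404 when the login does not exist in Okta, which separates a bad API Key from a user that has not been synced.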