
You're reading from Okta Administration: Up and Running

Product type: Book
Published in: Dec 2020
Publisher: Packt
ISBN-13: 9781800566644
Edition: 1st Edition
Authors (2):
Lovisa Stenbäcken Stjernlöf

Lovisa has been with Devoteam for over 4 years, working with multiple cloud vendors during that period. Starting out as a Project Manager, gaining certifications within G Suite and Salesforce, it was a natural step to start helping customers with their complete cloud setup, including Okta. Apart from customer work, she also has experience with management, both in resources and budget. With several Okta implementations under her belt and an Okta Professional certification in the bag, she now heads the Okta practice within Devoteam.

HenkJan de Vries

HenkJan has extensive experience with Okta, being an Okta partner engineer for over 5 years. With a long history of both implementing and supporting many Okta customers, he understands what long term requirements look like, but also the day to day management within organizations. Currently, he is strategically supporting customers to reach all their Okta potential. HenkJan is a certified consultant and is currently part of the exclusive SME group within Okta. Besides his business-related reach, he also enjoys helping unknown and uncontracted customers on several community boards, and by doing so, he has been named an Okta Advocate in 2019 and an Okta Community Leader in 2020.

Chapter 7: API Management

Up to this point in this book, we've looked at Okta's fundamental functionality. When we've looked at giving users access, it's been to applications. In this chapter, we're taking a step into more advanced features, such as the Application Programming Interface (API) management of Okta and access to APIs of external applications. This can be for an organization's or Okta's APIs, as well as access to self-developed OpenID Connect applications. This is not a feature that every organization needs, but it's a feature that gives that little extra to the organization that needs it.

In this chapter, we will look at the following:

  • API terminology
  • Managing Okta with APIs
  • API Access Management fundamentals
  • API Access Management administration

API terminology

There is some terminology that we need to go through, to be able to understand all aspects of API management and API access management:

  • API product: An application with a group of API endpoints. These endpoints can have different needs and use cases, but listen to the same authorization server to understand what a user or service can and cannot do. It is also the service that a user logs into using OpenID Connect with an ID token.
  • API: These are the endpoints where data is available and interchangeable between systems, depending on the request, the resource, and the access grant.
  • Authorization server: An authorization server is at its core an OAuth 2.0 minting machine, utilizing Okta's scopes, claims, and access policies. You can create authorization servers in Okta, typically one server per API product. The server is typically used for one use case rather than one endpoint.
  • Scopes: Scopes are operations performed on your API endpoints. They are built...
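To make the terms above concrete, here is an added example (not from the book) of how an API endpoint can enforce them: it accepts only tokens minted by its own API product's authorization server and carrying the scope that the endpoint requires. The issuer URL, audience, scope names and endpoint paths are constructed, and the claims are assumed to come from a token whose signature was already verified against that authorization server's keys.

```python
import time

# Hypothetical API product: one authorization server (issuer), one audience,
# and the scope each endpoint requires. All values are constructed.
PRODUCT = {
    "issuer": "https://example.okta.com/oauth2/ausEXAMPLE",
    "audience": "api://orders",
    "endpoints": {
        ("GET", "/orders"): "orders:read",
        ("POST", "/orders"): "orders:write",
    },
}


def authorize(claims, method, path, product=PRODUCT, now=None, leeway=30):
    """Return (allowed, reason) for claims of a signature-verified token."""
    now = time.time() if now is None else now
    required = product["endpoints"].get((method, path))
    if required is None:
        return False, "endpoint not registered"  # default deny
    if claims.get("iss") != product["issuer"]:
        return False, "minted by a different authorization server"
    aud = claims.get("aud")
    if product["audience"] not in (aud if isinstance(aud, list) else [aud]):
        return False, "wrong audience"
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or now > exp + leeway:
        return False, "expired or missing exp"
    # Okta access tokens list scopes in "scp"; RFC 9068 tokens use a
    # space-separated "scope" string. Accept either form.
    raw = claims.get("scp") or claims.get("scope") or ""
    scopes = raw.split() if isinstance(raw, str) else list(raw)
    if required not in scopes:
        return False, f"missing scope {required}"
    return True, "ok"


# Constructed claims, as they would look after signature verification.
SAMPLE = {
    "iss": "https://example.okta.com/oauth2/ausEXAMPLE",
    "aud": "api://orders",
    "exp": 1_700_000_600,
    "scp": ["orders:read"],
}

if __name__ == "__main__":
    for call in (("GET", "/orders"), ("POST", "/orders")):
        print(call, authorize(SAMPLE, *call, now=1_700_000_000))
```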

Managing Okta with APIs

The use of APIs has been increasing and has become a large part of any organization's footprint. Within all departments, APIs are used to share, transfer, move, read, change, delete, and adjust data from any system to any system.

We might have to start by looking at what an API is and why Okta's functionality in this area is needed. Back in the early days, a web program was hosted on a web server and the browser only displayed its content through HTML sent from the server. These days, you might have apps on your smartphone or single-page apps, both of which run code on your device or on the client. These apps connect with a backend service, usually exposed through an API. Simply put, you can say that services and applications that handle smaller tasks and connect and interact with each other through APIs are called microservices. As this newer model of applications becomes more and more common, finding a way of managing these APIs becomes more critical...

API Access Management fundamentals

Using APIs is beneficial because they are automatable and can be programmed to do just what is needed. In many cases, APIs are used by users to help their work be more automated and remove repetitive tasks. By connecting the APIs from different applications, users can all of a sudden see their data in different places, interact with it, and manipulate it where and how they want and like.

On the other side, developers and IT teams might invest in creating custom services and/or applications to make their lives, or those of their colleagues, better. Creating these applications usually entails adding APIs to open up data streams to collect and bring it all together.

Lastly, if your organization's business model is to build services or web products, chances are they'll be using APIs to connect to other applications, partners, systems, and so on.

All of these APIs have different needs and require different approaches and management.

According to Okta...

API Access Management administration

So, let's go into the Okta administrator panel to set up some of the features that were examined in the last section. Navigate to Security | API. Here, we see that we have three tabs we can work with:

  • Authorization Servers
  • Tokens
  • Trusted Origins

This is what it looks like in the admin panel:

Figure 7.3 – Available tabs for API management

As we already spoke about Tokens and Trusted Origins earlier in this chapter, we will now only focus on Authorization Servers. If you don't have the API Access Management product enabled, you will only see this menu for the default org authorization server, explained next.

Authorization server

To start off, we need to look at why you might need an authorization server. An authorization server is basically something to create and solidify (or mint, as it's normally called) OAuth 2.0 or OpenID Connect tokens. You can use it for authentication...
