Security & Compliance
Lynx Compliance - Okta Connector
Pulls compliance evidence from Okta - user inventory, MFA enrollment, privileged groups, SaaS app inventory, sign-on / MFA / password policies, admin-action audit log - via the Okta REST API.
lynx_compliance_connector_okta
· v19.0.1.0.0
· Premium
What this solves
Lynx Compliance - Okta Connector
Compliance evidence pulled from Okta — the most-asked-for evidence on the identity / access surface during SOC 2 and ISO 27001 audits. Auditors want to see: who has admin access (PR.AA-05), is MFA enforced everywhere (PR.AA-03), what SaaS apps are SSO-integrated (ID.AM-02), what admin actions happened in the last 90 days (DE.CM-01), and that documented sign-on / MFA / password policies exist and are active (GV.PO-01).
This connector mechanises every one of those questions via the Okta REST API. Auth is a Super Admin-scoped API token (SSWS) stored on the connector record; rotate via Okta's UI when the issuer leaves.
Key Features
Okta connector type - configure with the Okta tenant URL (e.g. https://acme.okta.com) and an SSWS API token.
Eight resource pulls - active users, MFA factor enrollment, groups, SaaS application inventory, sign-on / MFA / password policies, system log admin actions (90d), org admins, and aggregate MFA enrollment percentage.
Pre-seeded collectors - five collectors covering PR.AA-01 (user inventory), PR.AA-03 (MFA enforcement), PR.AA-05 (RBAC / segregation), DE.CM-01 (admin action monitoring), and GV.PO-01 (policy attestation).
Cursor-based pagination - honours Okta's Link-header pagination so very large tenants don't truncate at the first page.
Rate-limit aware - test_connection surfaces the rate-limit headers; pulls retry once on 429.
Integrates With
lynx_compliance_connectors - registers under the connector framework.
lynx_compliance_evidence_collectors - shipped collectors use the standard schedule.
Okta via the requests HTTP client.
Try Lynx Compliance - Okta Connector on your team.
Free trial, no credit card. Talk to sales when you're ready.