![]() Prior to creating the service application for the third-party risk provider, you need to create a public/private key pair for client authentication. ![]() See Implement OAuth for Okta with a Service App. Add a scope grant to the service application.Create and verify the service application.Use the following high-level steps to configure this service application: Your Okta org requires the set up of an OAuth service application to integrate and consume risk events from a third-party risk provider. Create a self-service application for the risk providerĬreate a service app for a third-party risk provider.Follow the high-level steps below to set up an example third-party risk provider integration. The service application provides an integration for the default risk provider and the Okta Risk Engine, and Risk Event API calls can test for a successful setup. High-level configurationsĬreating a third-party risk provider integration follows the general configurations for creating an OAuth service application using the OAuth client credentials grant flow. Okta can't guarantee continued partnerships or functionality with any non-Okta applications. You may only use these third-party risk events if you are a customer of both Okta and the non-Okta application. You aren't required to receive or use third-party risk events within Okta Risk Engine, but if you configure Okta Risk Engine to use third-party risk events, then you agree on behalf of your organization that Okta may receive and share data with the non-Okta application as necessary to provide this functionality. Non-Okta applications include web-based, offline, mobile, or other software application functionality that are provided by you or a third party and interoperate with the Okta Service. Note: Third-party risk events are shared with and received from non-Okta applications. The risk events are additionally logged as part of the System Log. The third-party risk provider can send risk events that you can use when calculating the authentication risk based on the risk policy configured in the Okta org. Using Okta Risk APIs, third-party risk providers can integrate with the Okta Risk Engine using a standard Okta service application. The Okta Risk Engine evaluates authentication attempts by reviewing the risk score of the sign-in based on context and historical data. Download from: (opens new window)Ībout third-party risk provider integration with the Okta Risk Engine See Get Started with the Okta APIs to set up Postman. A Postman client (opens new window) to configure and test the risk provider integration.Contact your Okta customer support representative for this configuration. A configured Okta org for third-party risk providers.Okta Developer Edition organization (opens new window).Understand how to set up and test third-party risk events with a sample app from the Postman Risk API collection.This guide explains how to configure an Okta org to receive risk events from a third-party provider.
0 Comments
Leave a Reply. |