# Okta Group & App Sync

## Overview

Okta group sync allows for current Okta customers to pull all user group information from their current Okta tenant into Herd. Allowing for organizations to assign trainings, campaigns, events, and stacks, to groups instead of individual users.

## Prerequisites

In order to complete this setup, you'll need:

* Access to Okta API token permissions. Allowing you to create or utilize an API token from your Okta tenant.
* Acccess to the Herd admin console.

## Setup Okta Token

1. Login to your organizations Okta tenant as an administrator.
2. Find *Security* -> *API* -> *Tokens*

<figure><img src="/files/V2Ioga2heHXYmkDXV52q" alt=""><figcaption></figcaption></figure>

3. Create a new token with the following permissions:

For Group Sync:

`okta.users.read`<br>

`okta.groups.read`<br>

`okta.roles.read`

For App Sync:

`okta.apps.read`

<figure><img src="/files/1LqN6bWa9x0m7lREodkG" alt=""><figcaption></figcaption></figure>

4. Save the API token to share with Herd.

## Find Your Okta Domain

The easiest way to find your Okta domain is to look in the URL when logged in to the Okta admin console. It's typically formatted as `company-url.okta.com` .

## Share Your Okta Token & Domain In Herd

1. Login to the Herd admin console.
2. Select *Setup* near the bottom the left side toolbar.
3. Under Okta Integration, open the Okta Configuration Settings.

<figure><img src="/files/Im3BsIifbxK3R4cXfQTV" alt=""><figcaption></figcaption></figure>

4. Place your Okta domain in the first box.
5. Place your Okta API token in the second box.
6. Save Configuration.

## Sync Okta Group & Apps

By selecting Sync groups, Herd will pull group information from Okta into Herd. Groups will be automatically attached to respective users. In order to user the security advisor feature, you'll need to sync apps as well.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://herd-security.gitbook.io/herd-security-docs/okta/okta-group-and-app-sync.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.