Table of Contents generated with DocToc
- OktaOrganization
- OktaUser
- OktaGroup
- OktaApplication
- OktaUserFactor
- OktaTrustedOrigin
- OktaAdministrationRole
- Reply Uri
Representation of a Okta Organization.
| Field | Description |
|---|---|
| firstseen | Timestamp of when a sync job first discovered this node |
| lastupdated | Timestamp of the last time the node was updated |
| id | The name of the Okta Organization, e.g. "lyft" |
| name | The name of the Okta Organization, e.g. "lyft" |
-
An OktaOrganization contains OktaUsers
(OktaOrganization)-[RESOURCE]->(OktaUser) -
An OktaOrganization contains OktaGroups.
(OktaOrganization)-[RESOURCE]->(OktaGroup) -
An OktaOrganization contains OktaApplications
(OktaOrganization)-[RESOURCE]->(OktaApplication) -
An OktaOrganization has OktaTrustedOrigins
(OktaOrganization)-[RESOURCE]->(OktaTrustedOrigin) -
An OktaOrganization has OktaAdministrationRoles
(OktaOrganization)-[RESOURCE]->(OktaAdministrationRole)
Representation of a Okta User (https://github.com/okta/okta-sdk-python/blob/master/okta/models/user/User.py).
| Field | Description |
|---|---|
| id | user id |
| first_name | user first name |
| last_name | user last name |
| login | user usernmae used to login (usually email) |
| user email | |
| second_email | user secondary email |
| mobile_phone | user mobile phone |
| created | date and time of creation |
| activated | date and time of activation |
| status_changed | date and time of the last state change |
| last_login | date and time of last login |
| okta_last_updated | date and time of last user property changes |
| password_changed | date and time of last password change |
| transition_to_status | date and time of last state transition change |
| firstseen | Timestamp of when a sync job first discovered this node |
| lastupdated | Timestamp of the last time the node was updated |
-
An OktaOrganization contains OktaUsers
(OktaUser)<-[RESOURCE]->(OkOrganization) -
OktaUsers are assigned OktaApplication
(OktaUser)-[APPLICATION]->(OktaApplication) -
OktaUser is an identity for a Human
(OktaUser)<-[IDENTITY_OKTA]-(Human) -
An OktaUser can be a member of a OktaGroup
(OktaUser)-[MEMBER_OF_OKTA_GROUP]->(OktaGroup) -
An OktaUser can be a member of an OktaAdministrationRole
(OktaUser)-[MEMBER_OF_OKTA_ROLE]->(OktaAdministrationRole) -
OktaUsers can have authentication factors
(OktaUser)-[FACTOR]->(OktaUserFactor)
Representation of a OktaGroup (https://github.com/okta/okta-sdk-python/blob/master/okta/models/usergroup/UserGroup.py).
| Field | Description |
|---|---|
| id | application id |
| name | group name |
| description | group description |
| sam_account_name | windows SAM account name mapped |
| dn | group dn |
| windows_domain_qualified_name | windows domain name |
| external_id | group foreign id |
| firstseen | Timestamp of when a sync job first discovered this node |
| lastupdated | Timestamp of the last time the node was updated |
-
OktaOrganizations contain OktaGroups
(OktaGroup)<-[RESOURCE]->(OkOrganization) -
OktaApplications can be assigned to OktaGroups
(OktaGroup)-[APPLICATION]->(OktaApplication) -
An OktaUser can be a member of an OktaGroup
(OktaUser)-[MEMBER_OF_OKTA_GROUP]->(OktaGroup) -
An OktaGroup can be a member of an OktaAdministrationRole
(OktaGroup)-[MEMBER_OF_OKTA_ROLE]->(OktaAdministrationRole)
Representation of a Okta Application (https://developer.okta.com/docs/reference/api/apps/).
| Field | Description |
|---|---|
| id | application id |
| name | application name |
| label | application label |
| created | application creation date |
| okta_last_updated | date and time of last application property changes |
| status | application status |
| activated | application activation state |
| features | application features |
| sign_on_mode | application signon mode |
| firstseen | Timestamp of when a sync job first discovered this node |
| lastupdated | Timestamp of the last time the node was updated |
-
OktaApplication is a resource of an OktaOrganization
(OktaApplication)<-[RESOURCE]->(OkOrganization) -
OktaGroups can be assigned OktaApplications
(OktaGroup)-[APPLICATION]->(OktaApplication) -
OktaUsers are assigned OktaApplications
(OktaUser)-[APPLICATION]->(OktaApplication) -
OktaApplications have ReplyUris
(ReplyUri)-[REPLYURI]->(OktaApplication)
Representation of Okta user authentication factors (https://developer.okta.com/docs/reference/api/factors/).
| Field | Description |
|---|---|
| id | factor id |
| factor_type | factor type |
| provider | factor provider |
| status | factor status |
| created | factor creation date and time |
| okta_last_updated | date and time of last property changes |
| firstseen | Timestamp of when a sync job first discovered this node |
| lastupdated | Timestamp of the last time the node was updated |
- OktaUser can have authentication Factors
(OktaUser)-[FACTOR]->(OktaUserFactor)
Representation of a Okta trusted origin for login/logout or recovery operations. For more information visit Okta documentation at https://developer.okta.com/docs/reference/api/trusted-origins
| Field | Description |
|---|---|
| id | trusted origin id |
| name | name |
| scopes | array of scope |
| status | status |
| created | date & time of creation in okta |
| create_by | id of user who created the trusted origin |
| okta_last_updated | date and time of last property changes |
| okta_last_updated_by | id of user who last updated the trusted origin |
| firstseen | Timestamp of when a sync job first discovered this node |
| lastupdated | Timestamp of the last time the node was updated |
-
An OktaOrganization has OktaTrustedOrigins.
(OktaOrganization)-[RESOURCE]->(OktaTrustedOrigin)
Representation of Okta administration roles. For more information, visit Okta documentation https://developer.okta.com/docs/reference/api/roles/
| Field | Description |
|---|---|
| id | role id mapped to the type |
| type | role type |
| label | role label |
| firstseen | Timestamp of when a sync job first discovered this node |
| lastupdated | Timestamp of the last time the node was updated |
-
OktaUsers can be members of OktaAdministrationRoles
(OktaUser)-[MEMBER_OF_OKTA_ROLE]->(OktaAdministrationRole) -
An OktaGroup can be a member of an OktaAdministrationRolee
(OktaGroup)-[MEMBER_OF_OKTA_ROLE]->(OktaAdministrationRole) -
An OktaOrganization contains OktaAdministrationRoles
(OktaOrganization)-[RESOURCE]->(OktaAdministrationRole)
Representation of Okta application ReplyUri. For more information, visit Okta documentation https://developer.okta.com/docs/reference/api/apps/
| Field | Description |
|---|---|
| id | uri the app can send the reply to |
| uri | uri the app can send the reply to |
| valid | is the DNS of the reply uri valid. Invalid replyuris can lead to oath phishing |
| firstseen | Timestamp of when a sync job first discovered this node |
| lastupdated | Timestamp of the last time the node was updated |
-
OktaApplications have ReplyUris
(ReplyUri)-[REPLYURI]->(OktaApplication)