Skip to main content
All CollectionsIntegrations
Okta integration
Okta integration

Implement a secure and efficient way for users to authenticate their identity and access the Intruder portal.

Updated over a month ago

Why would someone want this?

  • You can centrally manage your teams use and access of integrated apps.

  • Compliance with third party vendor requirements.

Adding the integration

  1. Head to Integrations > scroll down to Okta and click + Add (keep this tab open, we'll be coming back to it:

  2. In a separate tab/window, login to Okta:

  3. Navigate to Directory > Groups > click Add group:

  4. You'll want to create a group for each role available in Intruder

    1. Starting with Admin
      Add a group named IntruderAdmin > set an appropriate description > Click Save:

    2. Repeat for IntruderScan
      Add a group named IntruderScan > set an appropriate description > Click Save:

    3. Repeat for IntruderReadOnly
      Add a group named IntruderReadOnly > set an appropriate description > Click Save:

      You should now see all three Intruder groups in your Group directory:

  5. Add users to their appropriate groups by clicking on a group (shown above) > clicking the Assign people button:

  6. Search the user and when they show up > Click + > Done.
    In the example below, we're adding Andy Hornegold to the IntruderAdmin group:


    ​🚨 MAKE SURE THAT YOUR USER IS ADD TO THE INTRUDERADMIN GROUP.
    NB: You can also assign users using a CSV import and other standard Okta methods.

  7. Navigate to Applications (in the right hand nav) > Click Create App integration:

  8. Select OIDC - OpenID Connect > Select Single-Page Application > Click Next:

  9. Name your Application integration: Intruder >
    Add the Intruder logo to the Application, you can access it here:
    https://files.intruder.io/images/intruder-logo.png >
    Enable Authorization Code + Refresh Token >
    Re-open the Intruder tab from earlier and copy the Sign-in redirect URL >
    Paste it into the Sign-in redirect URIs field in Okta >
    Set the Sign-out redirect URIs to https://portal.intruder.io: ​

  10. Scroll down to Assignments >
    Select one based on your preference: Allow everyone in your Okta access to Intruder or Allow only users in a specific group access to Intruder >
    Configure Fedeeration Broker Mode >
    Click Save:

  11. To ensure Intruder can only see the Intruder groups in your Okta account configure a group claim filter. Applications > Intruder > Sign On tab:

  12. Scroll down to OpenID Connect ID Token and click Edit:

  13. Scroll down to Groups claim filter and select groups starts with Intruder > Save:

  14. Scroll back to the top and navigate to General tab, then scroll down to General Settings and click Edit:

  15. Scroll down to the LOGIN section >
    Set Login initiated by to Either Okta or App >
    Set Initiate login URI to https://accounts.intruder.io/sso >
    Hit Save:

  16. Scroll back to the top and under Client Credentials, copy the Client ID:

  17. Head back to the Intruder portal and paste the Client ID from Okta into the Client ID field in the integration modal:

  18. Head back to Okta and click your tenant information in the top right > Click Copy to clipboard:

  19. Now back to Intruder again, where you'll paste the domain into the Okta domain field:

  20. OPTIONAL
    If you have custom authorization servers you can add the name of the authorization server in the third field of this modal (this is not a url, but a name/identifier for the authorization server that you have configured in Okta); if not, leave this field empty > Click Connect:

  21. Check that the Okta integration is showing as Enabled:


    ​Ta da. ✨ You're all done!

    The Okta integration is available on our Premium plan.



Related Articles
ServiceNow integration
Microsoft Sentinel integration
Did this answer your question?