Controlling Scope Through Okta


 

The enhanced Okta integration makes it easy to define which employees should be added to Vanta and which should be kept out of scope. By using your IdP as the source of truth for employee scoping, you’ll reclaim the lost time spent managing multiple applications and benefit from a faster, simpler workflow. 

 

Configure Okta

  • Log in to Okta and navigate to the Assignments tab for the Vanta app


Validate account assignments

  • Verify that the list of employees and/or groups assigned to the Vanta app reflects your desired scoping preferences. 
  • Vanta recommends creating an automated provisioning process to assign the Vanta app to new employees.

 

Enable the Feature in Vanta

  • Navigate to the Integrations Page
  • From the Connected tab, search for Okta


  • Select Configure scope


  • Enable the IdP scoping toggle:


 

  • Once this feature is enabled, all user scope will be managed through Okta, and the scoping toggle in Vanta will be disabled. Vanta will update the scope status for IdP accounts on the following data fetch, which happens hourly. 

Creating multiple Vanta Okta apps for Workspaces

If you use Vanta Workspaces, you can add multiple Vanta apps in Okta, one for each Workspace. 

  • Follow the same steps under “Add Vanta to your Okta Account”.
  • When you select Add Integration and complete the prompts under General settings, ensure the app label contains Vanta (name needs to be exact).
  • You can choose to customize the text in the parentheses.

 

 

  • When you connect Okta on the Integrations page, we will recognize if you have multiple Vanta apps in Okta. After adding your API Token and Okta domain, you’ll see a prompt on the next step to select the Vanta app you want to connect.

 

 

Once you select the Vanta app you want to connect, make sure to paste the Vanta domain ID into the Domain ID field of the app you chose.

 

Controlling scope with multiple Vanta Okta apps

  • Follow the instructions in Controlling Scope Through Okta to choose which employees should be added to Vanta.
  • If you’ve created multiple Vanta Okta apps for each Workspace, you can choose to assign different employees and/or groups to each Vanta app to control scoping for each Workspace. 
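One way to run the "Validate account assignments" check across several Workspace apps is to compare each app's assignment list with the scope you intend. This is an added example, not Vanta or Okta code. It assumes the assignment lists were exported in the shape of Okta's "list users assigned to application" response (GET /api/v1/apps/{appId}/users); the app labels, account names and expected-scope sets are constructed.

```python
"""Scope-drift check for Okta app assignments (added example, constructed data)."""

# Constructed sample: one assignment list per Vanta app label, shaped like
# Okta's GET /api/v1/apps/{appId}/users response. Only the fields used
# below are included; labels and addresses are made up.
ASSIGNMENTS = {
    "Vanta (Production)": [
        {"id": "00u1", "scope": "GROUP", "credentials": {"userName": "alice@example.com"}},
        {"id": "00u2", "scope": "USER", "credentials": {"userName": "bob@example.com"}},
        {"id": "00u3", "scope": "USER", "credentials": {"userName": "svc-backup@example.com"}},
    ],
    "Vanta (Sandbox)": [
        {"id": "00u1", "scope": "GROUP", "credentials": {"userName": "Alice@example.com"}},
    ],
}

# Constructed sample: the intended in-scope accounts for each Workspace app.
EXPECTED = {
    "Vanta (Production)": {"alice@example.com", "bob@example.com", "carol@example.com"},
    "Vanta (Sandbox)": {"alice@example.com", "dave@example.com"},
}


def scope_drift(assignments, expected):
    """Compare assigned accounts with the intended scope for each app label."""
    report = {}
    for label in sorted(set(assignments) | set(expected)):
        assigned = {}
        for app_user in assignments.get(label, []):
            # Normalise case so "Alice@" and "alice@" count as one account.
            name = app_user["credentials"]["userName"].strip().lower()
            assigned[name] = app_user.get("scope", "USER")
        want = {n.strip().lower() for n in expected.get(label, set())}
        report[label] = {
            # Assigned in Okta but not in the intended scope.
            "unexpected": sorted(set(assigned) - want),
            # In the intended scope but not assigned to this app.
            "missing": sorted(want - set(assigned)),
            # Assigned individually (scope USER) rather than through a group.
            "direct": sorted(n for n, s in assigned.items() if s == "USER"),
        }
    return report


if __name__ == "__main__":
    for label, drift in scope_drift(ASSIGNMENTS, EXPECTED).items():
        print(label, drift)
```

Accounts listed under "direct" were assigned one by one, so they are the ones an automated, group-based provisioning process would not keep up to date.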

 

Be sure to consult your auditor, or reach out to Vanta Support to validate the set of accounts that should and should not be managed by Vanta.