The enhanced Okta integration makes it easy to define which employees should be added to Vanta and which should be kept out of scope. By using your IdP as the source of truth for employee scoping, you’ll reclaim the lost time spent managing multiple applications and benefit from a faster, simpler workflow. 

 Configure Okta

• Log in to Okta and navigate to the Assignments tab for the Vanta app

• Assign the Vanta app in Okta to the desired employees or groups. For setup instructions, visit the Okta help center
  • How to assign an app to a group in Okta
  • Creating group rules in Okta for automatic assignment

Validate account assignments

• Verify that the list of employees and/or groups assigned to the Vanta app reflects your desired scoping preferences. 
• Vanta recommends creating an automated provisioning process to assign the Vanta app to new employees.

Enable the Feature in Vanta

• Navigate to the Integrations Page
• From the Connected tab, search for Okta

• Select Configure  scope

• Enable the IdP scoping toggle:

• Once this feature is enabled, all user scope will be managed through Okta, and the scoping toggle in Vanta will be disabled. Vanta will update the scope status for IdP accounts on the following data fetch, which happens hourly. 

Creating multiple Vanta Okta apps for Workspaces

If you use Vanta Workspaces, you can add multiple Vanta apps in Okta, one for each Workspace. 

• Follow the same steps under “Add Vanta to your Okta Account”.
• When you select Add Integration and complete the prompts under General settings, ensure the app label contains Vanta (name needs to be exact).
• You can choose to customize the text in the parentheses.

• When you connect Okta on the Integrations page, we will recognize if you have multiple Vanta apps in Okta. After adding your API Token and Okta domain, you’ll see a prompt on the next step to select the Vanta app you want to connect.

Once you select the Vanta app you want to connect, make sure to paste the Vanta domain ID to the Domain ID field of the app you chose. 

Controlling scope with multiple Vanta Okta apps

• Follow the instructions in Controlling Scope Through Okta to choose which employees should be added to Vanta.
• If you’ve created multiple Vanta Okta apps for each Workspace, you can choose to assign different employees and/or groups to each Vanta app to control scoping for each Workspace. 

Be sure to consult your auditor, or reach out to Vanta Support to validate the set of accounts that should and should not be managed by Vanta.

Updated September 15, 2023 21:10