Skip to main content

Okta proof types

Note

Hyperproof connects to many third-party systems that frequently change, including the system interface. Contact your System Administrator or the third-party provider for assistance meeting the requirements to integrate with Hyperproof and collect the proof you need.

When you create a Hypersync between Hyperproof and Okta, you can automatically collect proof based on the following services:

  • Group Membership List

  • List of Admins

  • List of Groups

  • List of Users

    Note

    By default this proof type includes all users. Exclude staged and decommissioned users if you receive a message indicating too many results.

  • List of Users with MFA

  • Password Policy

Important

It’s recommended to create a service account to generate the API key (note that the API key has the same permissions as the user who created it). The service account should be granted the Read-only Administrator role to allow the Hypersync to gather all necessary information.

Create a custom role with these specific permissions

  • View users and their details

  • View groups and their details

This custom role allows access to the following Hypersync proof types:

  • List of Users

  • List of Users with MFA settings

  • List of Groups

  • Group Membership List

To use the Password Policies proof type, you must have the Read-only Administrator role. To use the List of Admins proof type, you must have the Super Administrator role.

Okta does not provide any finer-grain permission controls to enable a read-only role that encompasses all the different proof types' functionality.

Additional documentation

Note

You only need to connect Hyperproof to the app once, and then you can create as many Hypersyncs as you need. Additionally, you can create multiple Hypersyncs for a single control or label.

Tip

If you don’t know your access token or don’t have one, you can create one from the Okta Security> API page.