Okta Payload :
{
"description": "TestOktaThroughAPINew1",
"owner": {
"type": "IDENTITY",
"id": "e1fc5ae146404b088bc5c5e66046eb90",
"name": "Thippeswamy H.anumanthappa"
},
"cluster": {
"type": "CLUSTER",
"id": "96e363830182411c8bcedf505a19ec4d",
"name": "AWS Cluster"
},
"passwordPolicies": null,
"type": "Okta",
"connector": "okta-angularsc",
"connectorClass": "sailpoint.connector.OpenConnectorAdapter",
"connectorAttributes": {
"connectionType": "direct",
"connectorClass": "openconnector.connector.okta.OktaConnector",
"authtype": "API Token",
"host": "",
"cloudExternalId": "204498",
"templateApplication": "Okta",
"apiToken": "00DeSyytRbSQcIBRH-0f2fyLbguufvdseNNMXZWR8rgMSukXBb8q",
"encrypted": "apiToken,private_key,private_key_password,accessToken",
"cloudDisplayName": "TestOktaThroughAPINew1",
"connectorName": "Okta"
},
"connectorId": "okta-angularsc",
"connectorName": "Okta",
"connectionType": "direct",
"connectorImplementationId": "okta-angularsc",
"name": "TestOktaThroughAPINew1"
}
Okta-Saas Payload :
{
"description": "TestOktaSaasThroughAPI2",
"owner": {
"type": "IDENTITY",
"id": "e1fc5ae146404b088bc5c5e66046eb90",
"name": "Thippeswamy H.anumanthappa"
},
"cluster": {
"type": "CLUSTER",
"id": "96e363830182411c8bcedf505a19ec4d",
"name": "AWS Cluster"
},
"connector": "oktasaas",
"connectorClass": "",
"connectorAttributes": {
"connectionType": "direct",
"authtype": "API Token",
"host": "",
"cloudExternalId": "205923",
"templateApplication": "Okta SaaS",
"apiToken": "00DeSyytRbSQcIBRH-0f2fyLbguufvdseNNMXZWR8rgMSukXBb8q",
"encrypted": "apiToken,private_key,private_key_password,accessToken",
"cloudDisplayName": "TestOktaSaasThroughAPI2",
"connectorName": "Okta SaaS"
},
"connectorId": "oktasaas",
"connectorName": "Okta SaaS",
"connectionType": "direct",
"connectorImplementationId": "oktasaas",
"name": "TestOktaSaasThroughAPI2"
}
The payloads I’m using are nearly identical for both Okta and Okta-Saas, with the primary difference being that I do not pass the connector class name for the Okta SaaS connector since it’s not available in the Connector Source Template.
Despite the similar setup, the test connection works for the Okta connector but fails for the Okta SaaS connector.
Below are the connector details retrieved from the API after creation:
Okta Connector details :
{
"description": "TestOktaSaasThroughAPI2",
"owner": {
"type": "IDENTITY",
"id": "e1fc5ae146404b088bc5c5e66046eb90",
"name": "Thippeswamy H.anumanthappa"
},
"cluster": {
"type": "CLUSTER",
"id": "96e363830182411c8bcedf505a19ec4d",
"name": "AWS Cluster"
},
"accountCorrelationConfig": null,
"accountCorrelationRule": null,
"managerCorrelationMapping": null,
"managerCorrelationRule": null,
"beforeProvisioningRule": null,
"schemas": [{
"type": "CONNECTOR_SCHEMA",
"id": "fe4bbb1d749e4b14bafb5d569f70cb92",
"name": "account"
}, {
"type": "CONNECTOR_SCHEMA",
"id": "f6309e684f854334ad06c4c89fb7855f",
"name": "group"
}],
"passwordPolicies": null,
"features": ["UNLOCK", "ENABLE", "PASSWORD", "GROUP_PROVISIONING", "PROVISIONING"],
"type": "49836d9c-290a-4225-8380-641237e98cc2",
"connector": "oktasaas",
"connectorClass": "",
"connectorAttributes": {
"deleteThresholdPercentage": 10,
"connectionType": "direct",
"authtype": "API Token",
"cloudCacheUpdate": 1723122461540,
"templateApplication": "Okta SaaS",
"apiToken": "2_{\"KEY_ID\":\"\",\"KEY\":\"lvv2qKHLKDB3XM29FUiQyj2ECYKu0262ZCZmdcKpsRWhBiGAup+xYD58aYpEYAxti/wUFVnIo5P/\\r\\nvKR/73zx/zfCtJnKYMkUefO9wRivPGyGwOqhJS0M3SkaFdOyRCooGd17YhPGTZFp6RL2X60Bp5Xy\\r\\nq0rqGKMX2/q1gmJCYC+I3JzscFKbj6GCpYkY5HXtCPXtzivsCNIJLXN6vdffmRs1HnZAwpXkelfN\\r\\nUJ1OfAQK3SrNfvMq7BGJkbtQEu+1cXHBcmmgWXUvdA/gPy9P2otVKy8Ga9DJycRHXjZhroHAkfZV\\r\\nlQb03iUHQQtdvW+aEMErip3wFPt3/qPR9ExkOw\\u003d\\u003d\",\"SECRET\":\"B2CB3746E07E94FA43B7505BFE1BFD79B338B9F583C90DFA277D29B9862961D3104A176A546B0BB669743419DB8FCD9A456420A3::2D3C193A67320B7501D8CA3DE5564DF7\"}",
"encrypted": "apiToken,private_key,private_key_password,accessToken",
"healthy": false,
"cloudDisplayName": "TestOktaSaasThroughAPI2",
"host": "",
"cloudExternalId": "210295",
"connectorName": "Okta SaaS",
"beforeProvisioningRule": null,
"since": "2024-08-08T13:07:39.896Z",
"status": "SOURCE_STATE_UNCHECKED_SOURCE_NO_ACCOUNTS"
},
"deleteThreshold": 10,
"authoritative": false,
"healthy": false,
"status": "SOURCE_STATE_UNCHECKED_SOURCE_NO_ACCOUNTS",
"since": "2024-08-08T13:07:39.896Z",
"connectorId": "oktasaas",
"connectorName": "Okta SaaS",
"connectionType": "direct",
"connectorImplementationId": "oktasaas",
"managementWorkgroup": null,
"credentialProviderEnabled": false,
"category": null,
"id": "c78e2ce2a6544e458ee498d85104bacf",
"name": "TestOktaSaasThroughAPI2",
"created": "2024-08-08T13:07:39.896Z",
"modified": "2024-08-08T13:07:41.540Z"
}
Okta-Saas Connector details :
{
"description": "TestOktaThroughAPINew1",
"owner": {
"type": "IDENTITY",
"id": "e1fc5ae146404b088bc5c5e66046eb90",
"name": "Thippeswamy H.anumanthappa"
},
"cluster": {
"type": "CLUSTER",
"id": "96e363830182411c8bcedf505a19ec4d",
"name": "AWS Cluster"
},
"accountCorrelationConfig": {
"type": "ACCOUNT_CORRELATION_CONFIG",
"id": "8393414cae2f4daf8b9571aab5b86fd0",
"name": "Okta Account Correlation Config"
},
"accountCorrelationRule": null,
"managerCorrelationMapping": null,
"managerCorrelationRule": null,
"beforeProvisioningRule": null,
"schemas": [{
"type": "CONNECTOR_SCHEMA",
"id": "71ad636574ad402e945f0814b55ebc38",
"name": "account"
}, {
"type": "CONNECTOR_SCHEMA",
"id": "c55cb25335894313bf4360276d0c1aee",
"name": "group"
}],
"passwordPolicies": null,
"features": ["SEARCH", "AUTHENTICATE", "DISCOVER_SCHEMA", "UNLOCK", "ENABLE", "PASSWORD", "SYNC_PROVISIONING", "PROVISIONING", "CURRENT_PASSWORD"],
"type": "Okta",
"connector": "okta-angularsc",
"connectorClass": "sailpoint.connector.OpenConnectorAdapter",
"connectorAttributes": {
"sourceConnected": true,
"deleteThresholdPercentage": 10,
"connectionType": "direct",
"connectorClass": "openconnector.connector.okta.OktaConnector",
"authtype": "API Token",
"slpt-source-diagnostics": "{\"connector\":\"okta-angularsc\",\"status\":\"SOURCE_STATE_HEALTHY\",\"healthy\":true,\"healthcheckDisabled\":false,\"healthcheckCount\":1,\"lastHealthcheck\":1723120990619,\"statusChanged\":1723120990619}",
"cloudCacheUpdate": 1723120997807,
"templateApplication": "Okta",
"apiToken": "2_{\"KEY_ID\":\"\",\"KEY\":\"X8sRG0BOGeZUsjV/SpqQXVymy6om86OpRCvJBFuOZ2EfIMZ1rwyDvimz+dlxr9ey7Oa1F6cSejhV\\r\\niI6tgO6l4zkk1s2Wi6ltyMMt7e6NRvfwH8iYGXQD8I6I0TCx0hyVgYdeqhUkj/Md+chBpV6FLnE0\\r\\nl5beabRjXUYpT+ixFDWJwcEW/DtQz8taujj8t20DwknxJEmsxq1m6OAMtwnfyjFGtHbJ+705fgKV\\r\\nabCVN0aFPC/0pc91qzNUFhMNlynqw7OgAWbR0zkZOzykK5uM0iRiNHnRCvE2ivvcqQZbPYbXmBEa\\r\\nzLr/9iFk5IeBik/P5bdxLfLWOyxpXghsHEtj8A\\u003d\\u003d\",\"SECRET\":\"8F8B01129BBEA65711F4AC4CFCE1455498F014F8BE2B0673AC81897891D2018573AE2BD402C6B7134C28::300A1E98A3ED2DAAE670E28EAEAA0A28\"}",
"encrypted": "apiToken,private_key,private_key_password,accessToken",
"healthy": true,
"cloudDisplayName": "TestOktaThroughAPINew1",
"host": "",
"cloudExternalId": "210289",
"connectorName": "Okta",
"beforeProvisioningRule": null,
"since": "2024-08-08T12:43:10.619Z",
"status": "SOURCE_STATE_HEALTHY"
},
"deleteThreshold": 10,
"authoritative": false,
"healthy": true,
"status": "SOURCE_STATE_HEALTHY",
"since": "2024-08-08T12:43:10.619Z",
"connectorId": "okta-angularsc",
"connectorName": "Okta",
"connectionType": "direct",
"connectorImplementationId": "okta-angularsc",
"managementWorkgroup": null,
"credentialProviderEnabled": false,
"category": null,
"id": "d076b8dabec34926a87c2432e9ac76a1",
"name": "TestOktaThroughAPINew1",
"created": "2024-08-08T12:42:39.929Z",
"modified": "2024-08-08T12:43:17.807Z"
}
Key Differences Noticed:
- Connector Class:
- Okta:
sailpoint.connector.OpenConnectorAdapter
- Okta SaaS:
""
(Empty)
- Health Status:
- Okta:
"healthy": true, "status": "SOURCE_STATE_HEALTHY"
- Okta SaaS:
"healthy": false, "status": "SOURCE_STATE_UNCHECKED_SOURCE_NO_ACCOUNTS"
Question:
What could be causing the test connection to fail for the Okta SaaS connector? Do I need to specify the connectorClass
for the Okta SaaS connector, and if so, what value should I use?
Note: I’m using the correct host URL in the payloads, but due to browser limitations, I can only paste one link at a time.