App launcher integration with Okta

  • Release version: Washingtondc
  • Updated February 1, 2024
  • 3 minutes to read

    • Using OOTB integration with Okta, you can automatically sync the registered applications from Okta and give your employees one–click access to a personalized list of assigned applications. Your employees can easily access all the active apps with valid entitlement in Okta without specifying the login credentials.

    Before you begin

    • The app launcher sync of applications from Okta is only compatible with the latest Okta Spoke version. Ensure you upgrade the existing Okta spoke to sync the apps on to your web applications.
    • Integrate Okta spoke with ServiceNow, Inc., create credential records, and create connection records as explained in Okta spoke setup

    Role required: sp_admin, taxonomy admin, or taxonomy manager

    About this task

    After the spoke setup, Okta applications are synced on daily basis to a web application table from the Okta account. To sync the latest applications, you can do the following:
    • As sn_hr_sp.esc_admin, navigate to All > Employee Center > Web Applications > Update applications to sync the updates instantly.

      When you update applications, you can track the flow execution status from the related link on the page.

    • As an admin, sync the updates automatically on need-basis or once everyday by running the Fetch applications schedule job from System definition > Scheduled jobs.

    Procedure

    1. Navigate to All > Employee Center > Web Applications.
    2. Fetch applications from the external integrations Okta, by clicking Update applications.
      All the Okta applications appear with the following information:
      Table 1. Applications
      Field Description
      Name Name of the web application
      Description Description for the web application.
      Active Active indicates the status of the application. Only active applications for the user are displayed.
      Categories Category to which the application is assigned. You can create categories and assign the app to one or many app categories.
      App source Source of the application.

      Okta applications synced by admins using integrations.
      Application URL URL of the application
      Application icon Icon of the application
      Application icon URL URL of the application icon
      Is record updated Record update setting to indicate if the Okta app record is manually updated. The value changes to true on manual changes to Name and application URL. For custom apps, the default is false.
      Note:
      Applicable only for apps synced with the Okta integration.
      Featured Option to mark the application as featured. Use the Featured option to promote new or important or seasonal applications for higher visibility.
      Note:
      Featured applications have display preferences and appear on the top of the page despite any filters or sorting.
      Applications are fetched. You can proceed to associate topics suitable for the application.
    3. Assign the topics to applications by following the steps from Assign topics to web applications.

    Result

    When you sync applications, you can see the list of Okta apps. Track the flow execution status from the Okta flow execution status related link on the page.

    What to do next

    For upgrades: When you have an existing Okta spoke and connection and if upgrade to the employee center pro with the App launcher feature, the apps get synced through a job automatically and are updated nightly. To disable the fetch applications job, you must mark the job to the inactive state from System Definition > Scheduled job.
    Scheduled Job: Fetch applications 
table: sysauto_script
sys_id: 48b46a8a4744c1109dcae052846d43cf
    Based on the user permissions and the applications mapped with the Okta, the applications are displayed on the App launcher.
    • When user access permissions change on the Okta side, the updates are synced real-time on the applications widget. To see the changes, re-login to your Employee Center account.
    • Changes to the app metadata such as Deletion, status change, or selecting Do not display application icon to users reflect only after the next sync. After sync, the apps are marked inactive and hidden from users.
    Note:
    When an application is hidden, users still have permissions to the application until the next sync.