User access reviews for Okta must have the following prerequisites:
Requires the account granting Drata an API Key to have Super Administrator permissions.
To review how to create an Okta API key for Drata, go to "Part 2: Create Read-Only Admin Service Account user and API Token" section in this help article. In Part 2, you can skip steps 2-4, or for step 3, grant that new service account the Super Administrator role.
Verify the apps Okta can integrate with. To learn more about Okta provision supported apps, refer to Okta integration network.
Okta provides user attribute data based on how SSO apps are set up in Okta and might not be applicable for certain applications.
If your IT team has chosen to provision access outside of Okta (most likely directly in the source application), You can manual upload or rely on future direct connections.
Now, you can set up your user access review.