Okta integration with Hexnode UEM

Hexnode is a mobility management platform that enables IT admins to manage and monitor a multitude of devices from a centralized platform. It also provides the workforce seamless and secure access to the corporate networks and apps on their deployed endpoints. Apart from the device management capabilities, Hexnode also delivers enterprise-grade app, content, and kiosk management through the unified device management console.

Hexnode’s integration with Okta, a cloud-based identity and access management solution, further simplifies the device enrollment and user management operations in the UEM console. The collaboration syncs the user and group inventory of your organization’s Okta account to Hexnode, facilitating the automatic creation of user accounts. Moreover, Okta’s integration ensures users reliable and secure access to applications with single sign-on, multi-factor authentication, and more.

This guide provides step-by-step instructions to easily integrate Hexnode with Okta.

What is Okta?

Okta is a cloud-based identity and access management provider. Their solutions include Single Sign-On (SSO), Multi-factor authentication, lifecycle management, API access management, and others.

With the Hexnode-Okta integration, you can accomplish elevated standards of device management and security by leveraging the features of the robust identity and access management solution with Hexnode.

What are the benefits of Hexnode’s integration with Okta?

The main use cases of Okta integration include enabling Hexnode login using Okta authentication, syncing users and groups from the Okta domain to the Hexnode console, easy enrollment of iOS, Android, Windows and macOS devices with Okta authentication, and more.

Prerequisite:

Your organization should have an Okta subscription.

Generate client credentials from the Okta admin console

To integrate Okta with Hexnode UEM, you must first obtain the necessary client credentials from your Okta admin console. Follow these steps:

  1. Log in to your Okta admin console.
  2. Navigate to Applications > API Service Integrations.
  3. Click Add Integration.
  4. From the list of available integrations, choose Hexnode, then click Next.

  5. In the next window, click Install & Authorize.

  6. A pop-up window will display the Client Secret for the integration. This secret is shown only once – copy it and store it securely, then click Done.

  7. You will be redirected to the Hexnode API Service Integration page in Okta, where you can view key integration details such as your Okta Domain and Client ID.

  8. Copy and save the Okta Domain and Client ID for use in the Hexnode UEM portal.

Integrate Okta with Hexnode UEM

Once you have the client credentials, follow these steps to complete the integration:

  1. Sign in to your Hexnode UEM portal.
  2. Navigate to Admin > Integrations.
  3. Select the Okta tile from the list of available integrations.
  4. You’ll be prompted to enter your Okta Domain, Client ID, and Client Secret. Enter the required information to proceed with the integration.

  5. After entering the required credentials, you’ll have the option to configure sync scheduling directly within the same window:
    1. Enable the Allow self-enroll option to allow users to enroll in Hexnode with their Okta credentials.
    2. Set the Initiate sync at time and choose the Frequency for automatic syncing between Okta and Hexnode.

  6. Click Save to complete the integration.

Remote Actions on Domain

Once the domain is configured, you can perform the following actions on the domain:

  • Sync Now – To manually sync Okta with Hexnode.
  • Reconfigure Hexnode Identity – If reconfigured, the Hexnode Identity app in Okta will return to its default settings, and all the Okta users will get assigned to the Identity app. Reconfiguring the app has no effect on the sync process.
    Note:

    For users still using the older Okta integration method (based on API token) and who haven’t migrated to the client credential flow, the Reconfigure Hexnode Identity action will not work. To enable this action, you must first integrate your Okta domain using the client credential flow.

  • Disable/Enable Self-enroll – Disable/Enable users to enroll with their Okta credentials.
  • Delete Domain – Deleting a domain will remove all the users and groups associated with the domain from the Hexnode portal. You can either disenroll all the devices assigned to the Okta domain users, or you can assign the enrolled devices to new users before deleting a domain.

Hexnode identity app

The Hexnode Identity app is the OAuth app that is automatically created in Okta when the domain is added in Hexnode. To view the app, navigate to Applications on your Okta portal and search for “Hexnode Identity – {portal name}.hexnodemdm.com”.

Assign the Hexnode Identity app to the users whose devices you want to enroll in Hexnode via Okta authentication. By default, all users in the Okta domain (the group ‘Everyone’) will be assigned to the Identity app. If you want to restrict certain users from enrolling their devices in Hexnode, remove their Identity app assignments.

Unassigning users from the Hexnode Identity app restricts their Okta authenticated enrollment. They can still enroll their devices in Hexnode via open enrollment.

Note:

Since the Hexnode Identity app is assigned to a group by default, individual user assignments cannot be removed. You must first remove the group assignment and then re-assign the app to the required users or groups. To do this, navigate to Applications, click the respective Identity application, go to Assignments > Groups, and remove the corresponding group assignment. You can then assign the app to individual users or groups by clicking the Assign button.

Warning:

  • All users and groups in Okta will be synced to Hexnode, regardless of the app configuration. Changing the Identity app user assignments will have no effect on the sync process. For instance, if there are 10 users in the Okta domain, all the 10 users will be displayed in the Hexnode portal even if the Hexnode Identity app is assigned to only two users.
  • Changing the Hexnode Identity app settings (except the user assignments) may disrupt the Okta authenticated enrollment.
  • An Okta user in a provisioned state will not be synced to Hexnode. Activate the user to add them to Hexnode.
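
The note and warnings above interact: a group assignment has to be removed before any single user can be excluded, and sync ignores assignments altogether. The following added example (not Hexnode or Okta code) plans such a change from an exported user list; the record layout, function names and sample users are assumptions constructed for illustration, and it re-assigns affected users individually although the page also allows re-assigning groups.

```python
from dataclasses import dataclass, field

@dataclass
class OktaUser:
    login: str
    status: str                                  # e.g. "ACTIVE", "PROVISIONED"
    groups: set = field(default_factory=set)

def synced_to_hexnode(users):
    """Per the page: every user syncs except those in a provisioned state."""
    return {u.login for u in users if u.status.upper() != "PROVISIONED"}

def identity_app_assignees(users, app_users, app_groups):
    """Users holding the Identity app directly or through an assigned group."""
    return {u.login for u in users
            if u.login in app_users or u.groups & app_groups}

def plan_restriction(users, app_users, app_groups, deny):
    """Assignment changes needed to take the Identity app away from `deny`
    without cutting off anyone else who currently holds it."""
    deny = set(deny)
    # A group assignment that reaches a denied user must be removed first,
    # because individual removals are not possible while it is in place.
    drop_groups = set()
    for u in users:
        if u.login in deny:
            drop_groups |= u.groups & app_groups
    before = identity_app_assignees(users, app_users, app_groups)
    after = identity_app_assignees(users, app_users - deny, app_groups - drop_groups)
    return {
        "remove_group_assignments": sorted(drop_groups),
        "remove_user_assignments": sorted(app_users & deny),
        "reassign_individually": sorted(before - after - deny),
        # Sync ignores app assignments, so denied users stay visible in Hexnode.
        "still_listed_in_hexnode": sorted(deny & synced_to_hexnode(users)),
    }

# Constructed sample directory; the app starts on the default group "Everyone".
USERS = [
    OktaUser("alice@example.com", "ACTIVE", {"Everyone", "IT"}),
    OktaUser("bob@example.com", "ACTIVE", {"Everyone"}),
    OktaUser("carol@example.com", "ACTIVE", {"Everyone", "Contractors"}),
    OktaUser("dave@example.com", "PROVISIONED", {"Everyone"}),
]

if __name__ == "__main__":
    print(plan_restriction(USERS, set(), {"Everyone"}, {"carol@example.com"}))
```

A user listed under `still_listed_in_hexnode` has lost only Okta-authenticated enrollment; as stated above, open enrollment remains available to them.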

Configure multiple domains

Hexnode lets users configure multiple Okta domains in the Hexnode UEM console. So, even if your organization is using more than one domain, you can manage all its users from a single management console.

To configure multiple Okta accounts in Hexnode:

  1. Go to Admin > Okta.
  2. Click on the + button to add a new Okta domain.
  3. Follow the same procedure to complete the configuration.

Enroll devices via Okta authentication

Hexnode uses the OAuth authentication method to enroll devices of Okta users. Since OAuth is employed, Okta itself confirms the validity of the entered credentials. So, passwords from Okta don’t have to be transferred to Hexnode.

Hexnode supports the enrollment of iOS, Android, Windows and macOS devices using Okta authentication.
