User Group Memberships
Fetches Okta users enriched with their group memberships. Only includes users that belong to at least one group. This input combines user data from the Okta directory with the groups each user is a member of.
Sync Type: Full Synchronisation
Authentication
This input supports API Key and OAuth 2.0 (service app) authentication. See Okta Authentication for setup instructions and required credentials for each method.
Note: When using OAuth 2.0, ensure the and
okta.groups.readscopes are granted on your service app.
Configuration
The following configuration defines the input parameters. Each field's specifications, such as type, requirements, and descriptions, are detailed below.
Settings
| Setting | Type | Required | Description |
|---|---|---|---|
| Org URL | string | Yes | Your Okta Organization URL. |
| Cron | string | Yes | A cron expression defining how often to fetch group membership data. |
Secrets
Secrets vary by authentication method. See Okta Authentication for details.
Custom Schema Handling
If the source data doesn't align with any of the OpenSecurityControlFramework (OSCF) schemas, you can create a custom transformation using our JQ transform pipeline. For example:
{
metadata: {
schema_version: "1.0.0",
custom_framework: "my_framework"
},
user: {
id: .id,
email: .profile.email,
groups: [.groups[].profile.name]
}
}
For more information on JQ and how to write your own JQ transformations see the JQ docs here.
If you believe this data source should be included in the standard OSCF schema set, please reach out to our team at support@monad.com. We're always looking to expand our coverage of security control frameworks based on community needs.
Related Articles
Sample Record
{
"id": "f5c19356-b090-1832-e1be-f248b98902ae",
"status": "ACTIVE",
"created": "2025-08-11T23:46:51.092762Z",
"activated": "2025-08-11T23:46:51.092768Z",
"statusChanged": "2025-08-11T23:46:51.092769Z",
"lastLogin": "2025-08-11T23:46:51.09277Z",
"lastUpdated": "2025-08-11T23:46:51.092772Z",
"passwordChanged": "2025-08-11T23:46:51.092773Z",
"type": {
"id": "f5c19356-b090-1832-e1be-f248b98902ae"
},
"profile": {
"firstName": "John",
"lastName": "Brown",
"email": "john.brown@example.com",
"login": "john.brown@example.com",
"mobilePhone": "555-123-4567"
},
"credentials": {
"password": {},
"emails": [
{
"value": "john.brown@example.com",
"status": "VERIFIED",
"type": "PRIMARY"
}
],
"provider": {
"type": "OKTA",
"name": "OKTA"
}
},
"groups": [
{
"id": "00garwpuyxHaWOkdV0g4",
"created": "2025-08-11T23:46:51.439029Z",
"lastUpdated": "2025-08-11T23:46:51.439035Z",
"lastMembershipUpdated": "2025-08-11T23:46:51.439036Z",
"objectClass": ["okta:user_group"],
"type": "OKTA_GROUP",
"profile": {
"name": "Engineering",
"description": "Engineering team members"
},
"_links": {
"logo": [
{
"name": "medium",
"href": "https://{yourOktaDomain}/img/logos/groups/okta-medium.png",
"type": "image/png"
}
],
"users": {
"href": "https://{yourOktaDomain}/api/v1/groups/00garwpuyxHaWOkdV0g4/users"
},
"apps": {
"href": "https://{yourOktaDomain}/api/v1/groups/00garwpuyxHaWOkdV0g4/apps"
}
}
},
{
"id": "00garwpuyxHaWOkdV0g5",
"created": "2025-08-11T23:46:51.439029Z",
"lastUpdated": "2025-08-11T23:46:51.439035Z",
"lastMembershipUpdated": "2025-08-11T23:46:51.439036Z",
"objectClass": ["okta:user_group"],
"type": "OKTA_GROUP",
"profile": {
"name": "Security",
"description": "Security team"
},
"_links": {
"logo": [
{
"name": "medium",
"href": "https://{yourOktaDomain}/img/logos/groups/okta-medium.png",
"type": "image/png"
}
],
"users": {
"href": "https://{yourOktaDomain}/api/v1/groups/00garwpuyxHaWOkdV0g5/users"
}
}
}
],
"_links": {
"self": {
"href": "https://{yourOktaDomain}/api/v1/users/f5c19356-b090-1832-e1be-f248b98902ae"
}
}
}