# App Inventory Fetches application data from Okta for continuous visibility into app provisioning and access control. **Sync Type: Full Synchronisation** ## Authentication This input supports API Key and OAuth 2.0 (service app) authentication. See [Okta Authentication](./okta-auth) for setup instructions and required credentials for each method. ## Details Monad uses the `cron` field to run this input on specific intervals and returns all applications' details, performing a full sync of data each time. ## Configuration The following configuration defines the input parameters. Each field's specifications, such as type, requirements, and descriptions, are detailed below. #### Settings | Setting | Type | Required | Description | |---------|------|----------|-------------| | Org URL | string | Yes | Your Okta Organization URL. | | Cron | string | Yes | A cron expression defining how often to fetch user data. | | API Rate Limit | object | No | Optional limit on the connector's outbound request rate to the source API. Leave blank to use the connector's default behavior. See [API Rate Limiting](../../../guides/rate-limiting) for the field format, limits, and how to choose a value. | #### Secrets Secrets vary by authentication method. See [Okta Authentication](./okta-auth) for details. If using the Oauth flow, the token should be granted the ```okta.apps.read``` scope. ## Custom Schema Handling If the source data doesn't align with any of the [OpenSecurityControlFramework (OSCF) schemas](https://schema.ocsf.io/), you can create a custom transformation using our JQ transform pipeline. For example: ```jq { metadata: { schema_version: "1.0.0", custom_framework: "my_framework" }, controls: .[] } ``` For more information on JQ and how to write your own JQ transformations see the JQ docs [here](https://jqlang.github.io/jq/). If you believe this data source should be included in the standard OSCF schema set, please reach out to our team at [support@monad.com](mailto:support@monad.com). We're always looking to expand our coverage of security control frameworks based on community needs. ### Related Articles - [https://help.okta.com/en-us/content/topics/security/api.htm](https://help.okta.com/en-us/content/topics/security/api.htm) - [https://developer.okta.com/docs/reference/api/apps/#list-applications](https://developer.okta.com/docs/reference/api/apps/#list-applications) ## Sample Record ```json { "id": "0oa1gjh63g214q0Hq0g4", "name": "testorgone_customsaml20app_1", "label": "Custom Saml 2.0 App", "status": "ACTIVE", "lastUpdated": "2025-08-11T23:46:51.84619Z", "created": "2025-08-11T23:46:51.846195Z", "accessibility": { "selfService": false, "errorRedirectUrl": null, "loginRedirectUrl": null }, "visibility": { "autoSubmitToolbar": false, "hide": { "iOS": false, "web": false }, "appLinks": { "testorgone_customsaml20app_1_link": true } }, "features": [], "signOnMode": "SAML_2_0", "credentials": { "userNameTemplate": { "template": "${fn:substringBefore(source.login, \"@\")}", "type": "BUILT_IN" }, "signing": {} }, "settings": { "app": {}, "notifications": { "vpn": { "network": { "connection": "DISABLED", "message": null, "helpUrl": null } } }, "signOn": { "defaultRelayState": "", "ssoAcsUrl": "https://{yourOktaDomain}", "idpIssuer": "http://www.okta.com/${org.externalKey}", "audience": "https://example.com/tenant/123", "recipient": "http://recipient.okta.com", "destination": "http://destination.okta.com", "subjectNameIdTemplate": "${user.userName}", "subjectNameIdFormat": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", "responseSigned": true, "assertionSigned": true, "signatureAlgorithm": "RSA_SHA256", "digestAlgorithm": "SHA1", "honorForceAuthn": true, "authnContextClassRef": "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport", "slo": { "enabled": true, "spIssuer": "https://testorgone.okta.com", "logoutUrl": "https://testorgone.okta.com/logout" }, "participateSlo": { "enabled": true, "logoutRequestUrl": "https://testorgone.okta.com/logout/participate", "sessionIndexRequired": true, "bindingType": "REDIRECT" }, "spCertificate": { "x5c": [ "MIIFnDCCA4QCCQDBSLbiON2T1zWEIUOFGIHD2EOWQIPHFU1haW5lMRAwDgYDVQQQE'F0PHIJWE'AISBCNKWEluYzEUMBIGA1UECwwLRW5EQILFYVKSBCIEDWUKVBCG;IUWE;KSAVBCD..." ] } } } } ```