steampipe plugin install okta

Table: okta_trusted_origin - Query Okta Trusted Origins using SQL

Okta Trusted Origins is a service within Okta that allows you to manage the origins that are trusted to start browser-based authentication flows or permitted to make CORS requests. It provides a centralized way to manage these trusted origins for various Okta domains. Okta Trusted Origins helps you ensure the security of your Okta domains by controlling the origins that are allowed to interact with them.

Table Usage Guide

The okta_trusted_origin table provides insights into trusted origins within Okta. As a security engineer, explore trusted origin-specific details through this table, including origin names, origin types, and associated metadata. Utilize it to uncover information about trusted origins, such as those with CORS or redirect permissions, and the verification of these permissions.

Important Notes

  • This table supports an optional filter column to query results based on Okta supported filters.

Examples

Basic info

Explore which trusted origins in your Okta environment have been recently updated or created. This helps keep track of changes and maintain the security of your applications and APIs.

select
name,
id,
created,
last_updated,
origin,
scopes,
status
from
okta_trusted_origin;
select
name,
id,
created,
last_updated,
origin,
scopes,
status
from
okta_trusted_origin;

List trusted origins last updated 30 days ago

Determine the trusted origins that have not been updated in the past 30 days. This is useful for maintaining security by ensuring all trusted origins are up-to-date.

select
name,
id,
created,
last_updated,
origin,
scopes,
status
from
okta_trusted_origin
where
last_updated < current_timestamp - interval '30 days';
select
name,
id,
created,
last_updated,
origin,
scopes,
status
from
okta_trusted_origin
where
last_updated < datetime('now', '-30 day');

List CORS scoped trusted origins

Explore which trusted origins have been scoped for Cross-Origin Resource Sharing (CORS) to understand the security measures in place for data requests from different origins. This can help in assessing potential vulnerabilities and ensuring appropriate CORS policies are implemented.

select
name,
id,
created,
last_updated,
origin,
scopes,
status
from
okta_trusted_origin
where
scopes @> '[{"type":"CORS"}]' :: jsonb;
select
name,
id,
created,
last_updated,
origin,
scopes,
status
from
okta_trusted_origin
where
json_extract(scopes, '$[0].type') = 'CORS';

Schema for okta_trusted_origin

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
createdtimestamp with time zoneThe timestamp when the trusted origin was created.
created_bytextThe ID of the user who created the trusted origin.
domaintext=, !=, ~~, ~~*, !~~, !~~*The okta domain name.
idtext=A unique key for the trusted origin.
last_updatedtimestamp with time zoneThe timestamp when the trusted origin was last updated.
last_updated_bytextThe ID of the user who last updated the trusted origin.
nametextThe name of the trusted origin.
origintextThe origin of the trusted origin.
scopesjsonbThe scopes for the trusted origin. Valid values are 'CORS' or 'REDIRECT'.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
statustextCurrent status of the trusted origin. Valid values are 'ACTIVE' or 'INACTIVE'.
titletextThe title of the resource.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- okta

You can pass the configuration to the command with the --config argument:

steampipe_export_okta --config '<your_config>' okta_trusted_origin