# Collect data from OKTA
## Overview
Get system logs using the OKTA API.
## Configuration
### Parameters
* `parameters.mydomain` will store the value of the API URL, excluding the endpoint paths like or `/api/v1/logs`
### Secrets
* Auth Token (`OktaAuthorization`)
To add a Secret, open the **Secret** fields and click **New secret**:
* Give the secret a **Name**.
* Turn off the **Expiration date** option.
* Click **Add new value** and paste the secret corresponding to the value.
* Click **Save**.
{% hint style="info" %}
Learn more about secrets in Onum in [this article](/administration/global-settings/organization-settings/secrets-management.md).
{% endhint %}
You can now select the secret you just created in the corresponding fields.
After entering the required parameters and secrets, you can choose to manually enter the OKTA System Log fields, or simply paste the given YAML:
{% tabs %}
{% tab title="Config as YAML" %}
Toggle this **ON** to enable a free text field where you can paste your YAML.
```yaml
withTemporalWindow: true
temporalWindow:
duration: 5m
offset: 5m
tz: UTC
format: "2006-01-02T15:04:05"
withAuthentication: false
withEnumerationPhase: false
collectionPhase:
paginationType: "webLinking"
limit: 1000
request:
responseType: json
method: "GET"
url: "https://${parameters.mydomain}/api/v1/logs"
headers:
- name: Accept
value: "application/json"
- name: Content-Type
value: "application/json"
- name: Authorization
value: "SSWS ${secrets.OktaAuthorization}"
queryParams:
- name: since
value: "${temporalWindow.from}"
- name: until
value: "${temporalWindow.to}"
output:
select: "."
map: "."
outputMode: "element"
```
{% endtab %}
{% tab title="Manually configure" %}
**Temporal Window**
Toggle **ON** to add a temporal window for events. This repeatedly shifts the time window over which data is collected.
* **Duration -** 5 minutes (`5m`) as default, adjust based on your needs.
* **Offset -** `5m`
* **Format** - `2006-01-02T15:04:05`
**Authentication Phase**
Off
#### **Enumeration Phase**
Off
#### **Collection Phase**
* **Pagination Type****\***** -** `webLinking`
* **Zero index****\***** -** false
* **Limit****\***** -** 100
* **Request**
* **Response Type****\***** -** `JSON`
* **Method****\***** -** `GET`
* **URL****\***** -** `https://${parameters.myDomain}/api/v1/logs`
* **Headers**
* **Name** - Accept
* **Value** - `application/json`
* **Name** - Content-Type
* **Value** - `application/json`
* **Name** - Authorization
* **Value** - `SSWS ${secrets.OktaAuthorization}`
* **Query Params**
* **Name** - since
* **Value** - `${temporalWindow.from}`
* **Name** - Content-Type
* **Value** -`${temporalWindow.to}`
* **Output**
* **Select -** `.`
* **Map -** `.`
* **Output Mode** - `element`
{% endtab %}
{% endtabs %}
This HTTP Pull Listener now uses the data export API to extract events.
Click **Create labels** to move on to the next step and define the required [Labels](/the-workspace/listeners/labels.md) if needed.
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.onum.com/the-workspace/listeners/listener-integrations/pull-data-from-http-endpoints/collect-data-from-okta.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.