> ## Documentation Index
> Fetch the complete documentation index at: https://docs.truu.ai/llms.txt
> Use this file to discover all available pages before exploring further.
# Okta Unified Directory
> This is the step by step guide as to how one configures TruU with their Okta Unified Directory.
**Directory Configuration**
1. Go to your "TruU Admin Portal" and, under the "Settings" drop down menu, select **Directory**. Then, click the **(+)** to add a new directory
2. Next, enter all of the the required information in all valid fields:
| Setting | Description |
| ------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Configuration Name | A unique name to identify the directory connection. For best practice, directory names should be based on the instance and region where the directory resides (e.g. US-Denver-Production) |
| Tenant ID | The URL of your Okta tenant (e.g. ‘https\://\.okta.com’) |
| Okta API Token | An Okta API token authorizes TruU Identity Servers to securely query users in the Okta directory |
| Automatically Remove Devices Based on Changes to User Status in Directory | Setting this to ‘True’ will automatically unenroll devices when user accounts are removed from the corporate directory. Additionally, you can specify whether devices should be unenrolled for other user account changes such as Account Deactivated, Account Suspended, or Account Locked (differs depending on directory). You can also choose to remove the user record from the admin console entirely |
NOTE: If not all of your users have the same UPN suffix that ends with \, this can be set to **No** and revisited at a later time
3. In order to insert your *Okta API Token*, you must create the Okta API Token on your Okta Admin Console. To do so, follow the steps below:
1. On the Okta Admin Console, navigate to the "Security" dropdown menu and select **API**
2. Click **Tokens**
3. Click **Create Token**
4. Name your token (we suggest "*TruU*") and select **Any IP** in the second drop down. Then, click **Create token**
5. You have now generated your API Token. This "Token Value" you will be able to copy and paste into your TruU Admin Console by clicking the marked "copy" button, and click **Ok, got it**
6. This token value will be pasted in the "Okta API Token" section of the Directory Configuration page in the TruU Admin Console as seen below
4. Once you fill in all the fields, click **Save**. You will be prompted with the following pop-up. Select **Go Now**
5. Now make sure you are in the *Global Attributes* tab and click on the **Gear icon** in the top right portion of the screen. Here, you are able to select what your Primary User Identifier will be for the user throughout the system. Make sure you click **Save** on the pop up window
6. Navigate to the **"Identity Servers"** tab under the "Environment" section. Click on the **Cluster** tab, and select your directory. Upon selection, choose your directory configuration in the prompted drop down menu under \_Directory Connection
7. It may require 2-3 minutes, but once you get the "Healthy" diagnostic, you have successfully configured your directory
***
[Entra ID Configuration Automation](/docs/entra-id-configuration-automation)
[FIDO2](/docs/fido2)