Skip to main content

Data Restore and Download for Okta

This article provides steps on how you can restore your Okta data that Druva backed up for you.

Updated today

Restore Okta Data

Druva provides flexible restore options for your Okta environment, allowing you to recover data from any valid snapshot. Whether you need to recover a single accidentally deleted user, a specific application configuration, or perform a full organizational rollback, the process follows a unified workflow in the Druva Console.

Data Recovery Methods

Druva supports two primary recovery actions:

  • Restore to Okta: Automated push of objects directly into the target Okta tenant.

  • Download (JSON): Export of object metadata in JSON format for auditing or manual reconstruction.

Restore Scenarios

You can perform the following types of restores using the same interface:

  • Granular Restore: Recover a specific object (e.g., a single User, Group, or Policies).

  • Multi-Item Restore: Recover different categories of objects simultaneously (e.g., Directory and Security together or Group Rules and Policies together).

  • Full Organization Restore: Recover all backed-up data to revert the organization to a previous state.

Note: Granular selection across multiple categories is not supported. You must restore the entire category. For example, while you can restore all Groups and all Applications simultaneously, you cannot select specific individual groups and specific individual applications in the same restore job.

Important Considerations

Membership Preservation

Restoration is additive. When a user is restored, any Group or Application memberships added after the snapshot was taken will remain intact. The process does not remove users from groups they joined subsequent to the snapshot date.

User Matching Logic

Druva matches users in Okta using a two-step process:

  1. Okta ID Check: Druva first looks for the unique Okta ID.

  2. Login/Email Check: If the ID is not found (e.g., the user was deleted and recreated), Druva matches via the Login email address.

Restoring User Passwords

Okta does not allow the extraction of hashed passwords. Therefore, Druva cannot restore original passwords. Upon restoration, Druva sets the user’s status to 'Staged'. The user will receive an activation email to set a new password.

Troubleshooting Jobs

You can monitor the status of every restore or download attempt on the Jobs page. If a job shows "Completed With Errors," check the job logs to identify specific objects that failed to restore.

Restore to Okta

Follow these steps to perform restoration-

Locate Data for Restore

Before restoring, you must identify the data you wish to recover. You can do this by browsing a specific snapshot or by searching across your backup history.

Option A: Browse via Snapshot Timeline

If you know the date of the data you need:

  1. Navigate to Okta in the Druva Console.

  2. On the Domains page, locate your domain and click Restore.

  3. Select a Snapshot: Use the Snapshot Viewer dropdown to choose a specific date and time. You can filter snapshots by Last 24 Hrs, Last 7 Days, or Earlier.

4. Use the tree view to navigate through categories and select the object/ objects to restore.

Option B: Search Backup History

If you are looking for a specific deleted item across multiple snapshots:

  1. On the Restore Data page, click the Search icon at the top.

  1. Define Search Criteria:

    • Keyword: Enter the keyword. Keywords depend on the object you select.

    • Object Type: Filter by specific categories like Admin Roles, Users, or Groups.

    • Time Modified: Filter by a specific "From" and "To" date range.

  2. Select the desired data from the results list.

Choose Restore Action

Once you have selected your data, choose your recovery method.

Action 1: Restore Data to Okta

  1. Click the Restore button.

  2. In the confirmation dialog, configure your options:

    • Select Domain: Choose the target Okta domain where the data will be restored (e.g., integrator-1639012.okta.com). Ensure this is the correct environment before proceeding, as restores can overwrite live data.

    • Restore Options:

      1. Restore Relationships: Restores associations (e.g., ensuring a restored user retains their group memberships).

      2. Restore permanently deleted items only: If enabled, Druva only restores objects currently missing from Okta. If disabled, Druva performs an In-place Restore, overwriting existing data with the backup version.

    • On Conflict: The On Conflict dropdown determines how the system behaves when it finds a record in the destination that already exists in the restoration set.

      1. Skip: Leaves the existing data completely unchanged. The backup version of that specific record is ignored.

      2. Overwrite: Replaces the existing record in Okta with the version from the backup.

      3. Merge: Combines the backup data with the existing record, filling in missing attributes without deleting unique existing data.

Note: Devices and Workflows cannot be restored directly to Okta. These objects are available for download only for manual reference.

Action 2: Download Data

  1. Click the Download button.

  2. Verify the download settings (Format: JSON).

  3. Enable “Include Relationships” if you want to restore associations.

  4. Once the job is complete, the download link will be available on the Jobs page.

Related Articles
Restore your Microsoft Entra ID data
Configure the Druva Console for Okta Data Protection
Druva for Okta: Quick Start Guide
Restore your Active Directory data
Restore Activity Report
Did this answer your question?