Hi,
You can integrate Cisco AMP with Okta, however, there's no provisioning of mapping AD groups into the console. The console has 2 user roles -> Admin and User. As the name implies, Admin has complete access whereas the User has RO access only. At a high level, these would be the steps that you'd have to follow:
* Integrate AMP console with Okta
* Enable SSO
* Create relevant user accounts on the AMP console and give them Admin or User roles on the AMP console
* Once the above is done, you'll be able to login via SSO