Welcome to iamse.blog
This blog presents a series of articles on Identity and Access Management (IAM) written / curated / compiled by passionate group of engineers, evangelist, and other interested parties. You will find identity-centric, technology-driven articles and IAM domain articles, some written here and others collected from different sites where they have been published.
See the blocks down the side to navigate between pages, categories, tags and authors.
Disclaimer: This site is not OWNED, MANAGED or MAINTAINED by OKTA, Inc. OKTA, Inc has no direct affiliation with this site vice versa.
You won’t want to miss the amazing content that gets published continuously, so subscribe right here:
- Okta Workflows How-To: Anything as a Source with Pagination
Overview Anything-as-a-Source allows you to integrate any source of truth with Okta, and realize the benefits of HR-driven provisioning from any source of truth. XaaS gives customers the flexibility to define the terms of synchronization between Okta and the source of truth. See my original blog on Anything-as-a-Source here: Okta Workflows How-To: Anything as a … Continue reading Okta Workflows How-To: Anything as a Source with Pagination - Top 3 Actions for Technologists to help maximise the value of your businesses cyber security insuranceI recently had the privilege of organizing a knowledge-sharing webinar, where we brought together a panel of cyber security insurance (CSI) experts. Our discussion revolved around the present and future state of the industry, and I gained a wealth of valuable insights along the way which inspired this blog. One of the prevailing themes during … Continue reading Top 3 Actions for Technologists to help maximise the value of your businesses cyber security insurance
- Handle authentication/password resets for unique usernames with duplicate email address using CIC (Auth0)TL;DR In certain unique cases, I have come across a scenario where end customers are using a unique username (ex: USER01) with duplicate email address. In this blog post, I have tried to document a solution/approach on how we could handle authentication and password reset for these users using CIC (Auth0). Known Information Currently CIC … Continue reading Handle authentication/password resets for unique usernames with duplicate email address using CIC (Auth0)
- Workflows How To: Advanced User Reporting
Okta provides a number of Out of the Box reports for Okta’s Workforce Identity Cloud (WIC) and Customer Identity Solution (CIS). These reports are based on the System Log and are therefore derived by user activity. A list of these reports can be found here: Report types | Okta But what if you want a … Continue reading Workflows How To: Advanced User Reporting - Enable Okta for VMware vCenter Server
In today’s security landscape, identity management and multifactor authentication (MFA) are crucial components. The latest release of vSphere, vSphere 8 Update 1, introduces support for cloud-based identity providers in vCenter, including the widely used Okta service. With this new capability, vSphere administrators can leverage modern identity management features for enhanced security and streamlined operations. Prerequisites … Continue reading Enable Okta for VMware vCenter Server - Setting up Okta Workflows with your Okta WIC/CIS tenant
If you have an Okta Workforce Identity Cloud or Okta Customer Identity Solution tenant then you are eligible for 5 Free flows to use within the Okta Workflows Platform. This article is to guide you step by step on how to set up Okta Workflows with your Okta tenant. Prerequisite: As an Okta Administrator, when … Continue reading Setting up Okta Workflows with your Okta WIC/CIS tenant - Breaking into the rolePart 2 of my series about life as a Sales Engineer – Read part 1 here Now you know what we do day to day, maybe you’re thinking you might be interested in it as a future role? Then this post is for you! In order to give you a rounded view, rather than just … Continue reading Breaking into the role
- A day in the life of a Solution EngineerRegardless of your means of stumbling upon IAMSE.blog, you may have wondered “What is an SE, and what do they do?” In a nutshell a Sales or Solution Engineer (SE) is part of a companies go to market team. They tend to be the technical counterpart to the Account Executive/s. There are many nuances within … Continue reading A day in the life of a Solution Engineer
- Creating a Twilio Messaging Connector with Workflows Connector Builder
Okta has just made generally available its Workflows Connector Builder and I am writing this post to celebrate. Okta’s Workflow Connector Builder delivers the powerful concept of reuse to your Workflows. It allows you build connections and actions once for re-use throughout all of your Workflows. Additionally, it gives vendors the opportunity to build and … Continue reading Creating a Twilio Messaging Connector with Workflows Connector Builder - Better Together Series: Microsoft Azure Sentinel + Okta
By integrating Okta with Azure Sentinel, you can correlate and pinpoint system-related attacks that may have been initiated via account takeovers, suspicious behaviour, MFA push bombs and other identity-related attacks. This also allows you to proactively quartine, prevent and contain any further/collateral damage that could happen if the risky event wasn’t handled appropriately and timely. - Better Together Series: Integrating Power Platform with Okta’s Workforce Identity Cloud
Seamless Identity and Access management with Power Platform (PowerApps) through Okta’s Workforce Identity Cloud - Okta Workflows How-To: Anything as a Source
Okta customers, particularly in the Workforce Identity space, are looking to model and, where possible, automate the IT processes associated with individuals joining, moving within, or leaving their organization. These processes are driven by changes to data in an organization’s source of truth for identity information. The driving forces behind automation include improving IT efficiency, … Continue reading Okta Workflows How-To: Anything as a Source - Bring Your Own Messaging Provider: WhatsApp OTP with Inline Hooks & WorkflowsOkta’s Identity Engine introduced an Inline Hook for Telephony effectively allow you to replace Okta’s inbuilt SMS solution with your own provider. This empowers customers to manage their own numbers and providers around the world allowing for cost and delivery optimisation. It also paves the way for adding additional channel options for OTP messages. Messaging … Continue reading Bring Your Own Messaging Provider: WhatsApp OTP with Inline Hooks & Workflows
- Secure your VMware Web Proxy access with Okta
Overview / Prerequisites In this blog I want to guide you through the process how we can integrate Okta as the IdP with VMware Web Proxy and how the User Experience looks .I will not cover how to create a Security Policy on the VMware side, but you can read this basic steps in my … Continue reading Secure your VMware Web Proxy access with Okta - Understanding AWS IAM and Integrating with Okta and WorkflowsI’ve been looking into application entitlements and the Amazon Web Services (AWS) users, groups and entitlements has perplexed me for some time. I’ve had the opportunity to explore it, try to understand it and build some integration between Okta Workforce Identity Cloud (via Okta Workflows). This post is a summary of my findings. AWS and … Continue reading Understanding AWS IAM and Integrating with Okta and Workflows
- Counting aMAUs from System LogsOkta’s Workforce Identity Cloud leverages the somewhat confusing named Annual Monthly Active Users (aMAU) metric to measure Customer Identity Access Management usage. This is distinct from Workforce Identity usage which is measured in a per user per month basis. aMAU is the cumulative annual measure of active users in any given month. That is unique … Continue reading Counting aMAUs from System Logs
- A Single Source of Truth – Okta as a Whole of Business Identity Solution, Part 1Introduction Over the last several years, an increasing number of organisations have begun to question the business value delivered by their continued use of on premise directory services, such as Active Directory. As a group of products, many on premise directory services do what they do exceptionally well, assuming they are well managed and you … Continue reading A Single Source of Truth – Okta as a Whole of Business Identity Solution, Part 1
- Phishing Resistant Authenticators in action through Okta Fastpass
In this blog, I will showcase how Okta is able to prevent and stop phishing attempts crafted by EvilGinX (MiTM) to your end users. Aside from preventing the phishing attempt, Okta can also be configured to orchestrate back-end orchestration flows that will raise awareness to your end users and also deliver a SecOps capability. - VMware SD-WAN Orchestrator Single Sign-On powered by Okta
In this article I would like to describe how to integrate the Okta into the SD-WAN Orchestrator and using Single Sign On (SSO) with different user types. VMware SD-WAN Orchestrator provides centralized, enterprise-wide installation, configuration, and real time monitoring, in addition to orchestrating the data flow through the cloud network. Prerequisites Configure Okta for Single Sign … Continue reading VMware SD-WAN Orchestrator Single Sign-On powered by Okta - OIG Access Requests – Who is the Request Assignee?
As is often the case, product documentation tells you how to turn on or configure a function but often doesn’t provide the context of that function. I found this yesterday when exploring something with a customer in Okta Identity Governance (OIG) Access Requests. What is the Request Assignee you can assign to some of the … Continue reading OIG Access Requests – Who is the Request Assignee? - New in Workflows: Security Operations Solution Packs
Okta Workflows has just released a number of templates focused on Security Operations Centre (SOC) processes. These Workflow templates are designed to help solve specific identity-based automation challenges for the Security Operations team using a bundled collection of pre-built and fully customizable flows. The categories include: Some of the main benefits are: To find all … Continue reading New in Workflows: Security Operations Solution Packs - Learn How to use Workflows for Inline Hooks
With this release of low-latency flows, Okta has laid the groundwork for supporting any web hook that is time sensitive. Traditionally, organizations have to spend engineering effort to build, deploy, host, and manage their own system in order to enrich a user’s profile (token or session), or notify/remediate a security threat. Those systems become even … Continue reading Learn How to use Workflows for Inline Hooks - Low Latency FlowsOkta Workflows doesn’t guarantee execution latency. Usually flows run very fast. However, Workflows is a multi-tenant system and doesn’t have a latency SLA. Flows execution times depend on: Because specific latency can’t be guaranteed, up until now, Workflows shouldn’t be used in any flows where execution time is critical to the scenario, such as token … Continue reading Low Latency Flows
- Fixed Recovery Questions with Workflows
Recently an Okta customer was interested in being able to set a fixed Recovery Question for a subset of its employees. In particular they wanted to use an attribute from their source of truth as a security answer. Having a fixed security question and answer based on an employee attribute does have security drawbacks however … Continue reading Fixed Recovery Questions with Workflows - OIG Access Requests – Can an Approver Supply Information for a Request?Recently someone asked if Okta Identity Governance (OIG) Access Requests could be setup so a manager could supply additional information for the request. Their use case, the requester wants access to an application but they don’t know the role they need, so the manager would select the role at the approval stage. Short answer – … Continue reading OIG Access Requests – Can an Approver Supply Information for a Request?