Welcome to iamse.blog
This blog presents a series of articles on Identity and Access Management (IAM) written / curated / compiled by passionate group of engineers, evangelist, and other interested parties. You will find identity-centric, technology-driven articles and IAM domain articles, some written here and others collected from different sites where they have been published.
See the blocks down the side to navigate between pages, categories, tags and authors.
Disclaimer: This site is not OWNED, MANAGED or MAINTAINED by OKTA, Inc. OKTA, Inc has no direct affiliation with this site vice versa.
You won’t want to miss the amazing content that gets published continuously, so subscribe right here:
- Okta Device Integration with Workspace ONE
Introduction You can ensure that devices are managed by an endpoint management (in my example Workspace ONE) tool before end users can access apps from the device. Devices are managed if they meet these conditions: For desktop (Windows, macOS), management attestation certificates are deployed to the device with VMware Workspace ONE UEM. Prerequisites Configure management attestation … Continue reading Okta Device Integration with Workspace ONE - Leveraging Zero Standing Privileges and Shared Account Access with Okta Privileged Access
We all appreciate that a Zero Standing Privileges model is the best approach when it comes to privileged access – if a compromised account doesn’t have standing privileges, then the attacker is limited in what they can do. But the reality for many organisations is that there are still shared accounts with elevated privileges that … Continue reading Leveraging Zero Standing Privileges and Shared Account Access with Okta Privileged Access - Introducing Secrets Management in Okta Privileged Access
This article explores the new secrets management capability within Okta Privileged Access. Introduction to Secrets Management A key feature of the new Okta Privileged Access product is the introduction of a vault to securely store credentials (or secrets). With the initial release of the product this unlocks two critical use cases: This article will explore … Continue reading Introducing Secrets Management in Okta Privileged Access - Okta and VMware Horizon True SSO
Introduction This blogs covers a basic guide how to configure Okta and VMware Horizon to provide an end-to-end single sign on experience to the end-user .We need to have TrueSSO configured on our Horizon environment as this enable users are not required to also enter Active Directory credentials in order to use a remote desktop or … Continue reading Okta and VMware Horizon True SSO - Secure React App using Auth0(CIC) and deploy to Azure App ServiceTL;DR I had a customer recently ask me, if their React app which is being integrated with Auth0 (CIC) would continue to work if the React app is hosted out of Azure App Service ? Hence this article, as this more of proves the fact that irrespective of where the SPA is being hosted, Auth0(CIC) … Continue reading Secure React App using Auth0(CIC) and deploy to Azure App Service
- With Auth0 (Okta Customer Identity Cloud), get ready for Action !Let’s discover Actions, those pieces of code that act as flexible extensions to the authorization and authentication flow! For starters, what’s Auth0 ? Auth0 is an IaaS (Identity as a Service) solution, designed by and for developers. Acquired by Okta in 2021, Auth0 will become the solution for CIAM (Customer Identity Access Management), while the Okta … Continue reading With Auth0 (Okta Customer Identity Cloud), get ready for Action !
- Integrating VMware Identity Services with OktaVMware Identity Services is a relatively new service that allows organizations to centrally manage their cloud-based identities in Workspace ONE from a single interface. This streamlines the process and reduces the risk of errors. The service uses SCIM to automate the process of adding, updating, and removing user accounts and groups from SCIM 2.0 identity … Continue reading Integrating VMware Identity Services with Okta
- Okta Device Access – Desktop MFA for macOS
This is an Early Access feature! Okta Desktop MFA for macOS adds an extra layer of security to the macOS sign-in process by asking users for additional authentication before allowing computer access. In this blog we show you how to configure Desktop MFA in the Okta Admin Console, and then deploy it through VMware Workspace ONE. Technical Prerequisites Create … Continue reading Okta Device Access – Desktop MFA for macOS - Okta Privileged Access and Okta Access Requests
Okta Privileged Access (OPA) leverages with wider Okta Workforce Identity Cloud capabilities for many use cases. One of these integrations is with the Okta Access Requests components, that comes as part of the Okta Identity Governance (OIG) product, but also ships in a limited form with OPA. This article explores the two common use cases: … Continue reading Okta Privileged Access and Okta Access Requests - Okta Privileged Access – A Look at the Data Model
This article provides a simplified view of the data model used in Okta Privileged Access (OPA). Note that this is a logical view of data objects and their relationships, and the term “object” is used very loosely (more like data types). Also this is based on the current Early Access product and may change with … Continue reading Okta Privileged Access – A Look at the Data Model - Okta Privileged Access – A Technical Introduction
The new Okta Privileged Access product was featured in the recent Oktane23 conference. The product is currently (Oct 23) in early access with General Availability expected in Dec 23. This article is a brief technical overview of Okta Privileged Access (OPA) looking at the components and functions of the product. It is written to provide … Continue reading Okta Privileged Access – A Technical Introduction - Entitlements Managed in OIG with Early AccessThe new Entitlement Management capability in Okta Identity Governance (OIG) is currently in Early Access for OIG customers. With this release Okta has updated five of the Okta Integration Network (OIN) connectors to support this new capability – splitting entitlements from other application profile attributes and managing the two-way sync between Okta and the applications. … Continue reading Entitlements Managed in OIG with Early Access
- OIG Entitlement Management – A Technical Introduction
Okta continues to enhance the Okta Identity Governance product in the areas of Access Requests, Access Certification, and Governance reporting. However a significant update, Entitlement Management, was announced at Oktane23 and is currently in Early Access. This article provides a technical overview of the new Entitlement Management capability. What is Entitlement Management? Okta is adding … Continue reading OIG Entitlement Management – A Technical Introduction - Prevent Social engineering attacks by implementing Okta’s best practices.Tactics, Techniques and Procedures Below are some the tactics, Techniques and procedures an attacker may use. Best practices to implement. Best practices for Tenant level security in DelAuth mode: Workflow automations around security: Security is first and foremost to any business. Always be proactive than reactive, Below steps provides some best practices around automating security. … Continue reading Prevent Social engineering attacks by implementing Okta’s best practices.
- Okta Device Access – Desktop Password Sync for macOS
Update Nov 2023 – Added custom settings XML. Updated to reflect that this feature is now GA. Introduction With macOS Ventura, Apple introduced Platform SSO, which enables developers to create a single sign-on (SSO) extension that interacts directly with the macOS login window. This extension enables users to link their local macOS account with their … Continue reading Okta Device Access – Desktop Password Sync for macOS - Okta enrolled factor verification tool for Helpdesk to reset password/factors using Okta workflows and Slack modalPrerequisite: Problem statement: Okta enables selfservice to reset your password. This requires some high assurance factor for verification. Also some times they need to reset factors which does not have a way to do self service. If a end user calls Helpdesk to reset their password or factors. They always require the user to verify … Continue reading Okta enrolled factor verification tool for Helpdesk to reset password/factors using Okta workflows and Slack modal
- Okta API Access Management: a Dark Knight metaphorRecently, while thinking about what topic I should select for a new article, my gaze stopped on my desk. As often, a Batman comic was next to my right screen (for those who wonder, it was “Gotham Nocturne”). Then came to me a very geeky idea : if I were to explain some Okta concepts … Continue reading Okta API Access Management: a Dark Knight metaphor
- OKTA Workflows : the best is yet to come
In my previous article, I gave you a brief introduction to Okta workflows, in order to arouse your curiosity as to the potential of this tool. On the face of it, if you’re here, that’s the case (if you’ve seen the light and gone in, that’s good too!). Today, I’m going to take the presentation … Continue reading OKTA Workflows : the best is yet to come - Introduction to OKTA Workflows: nothing is impossible (almost)!
If you’re here, you probably know what Okta is. But if you don’t, we won’t hold it against you (promise!). Okta offers an IAM (Identity Access Management) solution, enabling you to centrally and securely manage your users’ identities and access to the resources they need to access. Okta is like the bouncer of the VIP … Continue reading Introduction to OKTA Workflows: nothing is impossible (almost)! - Oracle HCM Integration with Okta
This article explains how to connect Oracle’s HCM system to Okta as a HR Master, using Okta’s Anything as a Source API’s with Okta Workflows. Overview Anything-as-a-Source (XaaS) allows you to integrate any source of truth with Okta, and realize the benefits of HR-driven provisioning from any source of truth. XaaS gives customers the flexibility … Continue reading Oracle HCM Integration with Okta - OIG Assets in the Okta Community
Those following this blog will know we post a lot of technical assets on the Okta products from a technical specialist perspective, such as the how-to’s that aren’t obvious from product documentation or cross-product solutions to address specific use cases. But did you know there are some community assets published by Okta in addition to … Continue reading OIG Assets in the Okta Community - OIG Access Requests – Can I Attach a File?
A common requirement for access requests is adding a file to support the request. It may not be obvious, but Okta Identity Governance has the means to attach a file to a request. Let’s explore this and show an example. How to Attach a File in the Access Requests Portal A file can be attached … Continue reading OIG Access Requests – Can I Attach a File? - OIG Access Requests – Posting Questions Based on Earlier SelectionsMy colleague, Rajesh Kumar, showed me something today that fell into the “wow, I didn’t even think of using the product this way” category. It involves using logic in Access Request flows (Request Types) in Okta Identity Governance to prompt for additional information based on earlier selections. Let’s look at how the user experiences it, … Continue reading OIG Access Requests – Posting Questions Based on Earlier Selections
- OIG Access Requests and Workflows – Checking SoD In An Access Request
This article looks at a new approach you could use to perform Separation of Duties (SoD) checking from Okta Access Requests using Okta Workflows. It shows two approaches you could take to get SoD analysis into the request a soon as it’s raised so that the reviewer has the information at hand before approving the … Continue reading OIG Access Requests and Workflows – Checking SoD In An Access Request - Configure Okta as an Identity Provider for VMware Workspace ONE AccessThis blog article describes how to configure Okta as the identity provider to Workspace ONE Access. You can use this configuration to provide a streamlined device enrolment experience for devices with Workspace ONE UEM and access to Horizon delivered applications. You can leverage Okta’s extensible Multi-factor authentication and provide a consistent and familiar login experience for end … Continue reading Configure Okta as an Identity Provider for VMware Workspace ONE Access