Month: January 2023

New in Workflows: Security Operations Solution Packs

Okta Workflows has just released a number of templates focused on Security Operations Centre (SOC) processes. These Workflow templates are designed to help solve specific identity-based automation challenges for the Security Operations team using a bundled collection of pre-built and fully customizable flows. The categories include: Security Awareness Identity Automation + Response Incident Investigation + … Continue reading New in Workflows: Security Operations Solution Packs

Learn How to use Workflows for Inline Hooks

ImportantCreate Inline Hook With this release of low-latency flows, Okta has laid the groundwork for supporting any web hook that is time sensitive. Traditionally, organizations have to spend engineering effort to build, deploy, host, and manage their own system in order to enrich a user's profile (token or session), or notify/remediate a security threat. Those … Continue reading Learn How to use Workflows for Inline Hooks

Low Latency Flows

Okta Workflows doesn't guarantee execution latency. Usually flows run very fast. However, Workflows is a multi-tenant system and doesn't have a latency SLA. Flows execution times depend on: Complexity of the flow (including built-in waits) Lag between increased demand for system resources and Okta adding extra capacity Latency or rate limiting by third-party APIs Because … Continue reading Low Latency Flows

Fixed Recovery Questions with Workflows

Recently an Okta customer was interested in being able to set a fixed Recovery Question for a subset of its employees. In particular they wanted to use an attribute from their source of truth as a security answer. Having a fixed security question and answer based on an employee attribute does have security drawbacks however … Continue reading Fixed Recovery Questions with Workflows

OIG Access Requests – Can an Approver Supply Information for a Request?

Recently someone asked if Okta Identity Governance (OIG) Access Requests could be setup so a manager could supply additional information for the request. Their use case, the requester wants access to an application but they don't know the role they need, so the manager would select the role at the approval stage. Short answer - … Continue reading OIG Access Requests – Can an Approver Supply Information for a Request?

Okta Devices SDK Sample App

Sample App Setup ProcedureStep 1 - Create a OIDC Client AppStep 2 - Configure Firebase Cloud MessagingCreate Firebase ProjectAdd an Android App to your ProjectCreate an API KeyStep 3 - Set Up Notification ServiceStep 4 - Add a Custom AuthenticatorStep 5 - Configure a Global Session Policy and Authentication PoliciesStep 6 - Download and Compile … Continue reading Okta Devices SDK Sample App

Enforcing device assurance on unmanaged devices (BYOD)

One of the biggest challenges for organisations is being able to increase the security posture of their employee's BYOD devices while respecting their privacy and improving their user experience. Okta announced recently the new feature called Okta Device Assurance which allow organisations to increase the posture of their BYOD's users leveraging Okta Verify Application. Until … Continue reading Enforcing device assurance on unmanaged devices (BYOD)

Did You Know the Machine Learning in OIG Access Requests Extends to the WebUI?

If you've seen a demonstration of Okta Identity Governance (OIG) Access Requests, you have probably seen the machine learning (AI) capability when requesting access in Slack or Microsoft Teams. You ask for access to something, and the AI will try to determine the best request type to present. It learns over time, so that terms … Continue reading Did You Know the Machine Learning in OIG Access Requests Extends to the WebUI?

New Reviewer Options in OIG Access Certification

There was a recent change to the reviewer selections for Okta Identity Governance (OIG) Access Certification to allow for more options and to simplify the administrative experience. The feature is currently an Early Access feature (the "Reviewer Assignment" enhancement) that can be turned on in an OIG-enabled Okta org. It will roll into production over … Continue reading New Reviewer Options in OIG Access Certification