There have been a number of features released for Okta Privileged Access over the recent months, some major and some minor, but may have been lost in the excitement of Oktane 25. This article provides a summary of all the changes release. IntroductionActive Directory Integration ChangesRDP Support (aka Click-to-Connect)AD rotate password configurationAD Accounts as Okta … Continue reading Recent Updates to Okta Privileged Access – Oct 25
Author: David Edwards (IAmDavid)
I have been working in Identity Management for a quarter of a century, spending 22 years working on various IAM products at IBM and now three years at Okta. Over that time I have worked across pre- and post-sales, including stints in services, fly-in support and technical enablement. I have covered access management, single signon (desktop, web and federated), identity governance and administration (IGA), directories and directory integration, and privileged access management (PAM). I'm one of the few identity practitioners with experience with mainframes and legacy on-premise systems like SAP. And I love to write!
The Okta ITP Workflows Connector
In May 2025 Okta released a Workflows connector for Identity Threat Protection with Okta AI, called the Okta ITP connector. This article is a brief walkthrough of the connector. IntroductionThe Okta ITP ConnectorConnector AuthenticationConnector Events and ActionsSome ExamplesConclusion Introduction With the release of Identity Threat Protection with Okta AI (ITP), new capabilities have been added … Continue reading The Okta ITP Workflows Connector
Using Risk in Okta to Manage Privileged Access in OPA
Identity Threat Protection with Okta AI will continuously assess user context and automatically respond to identity threats across your ecosystem. This includes managing entity (user) risk levels. Okta Privileged Access does not explicitly have user risk built in, but user risk can be applied to control how users access privileged resources. This article looks at … Continue reading Using Risk in Okta to Manage Privileged Access in OPA
RDP’ing with Microsoft Active Directory Accounts in OPA
Okta is extending it's Okta Privileged Access capabilities with Microsoft Active Directory accounts by adding the ability to leverage them in direct RDP connections. This means it now supports two use cases with AD accounts - a reveal function where those credentials can be used (via copy'n'paste) to any AD-authenticated service, and the new direct … Continue reading RDP’ing with Microsoft Active Directory Accounts in OPA
New Access Certification Auditor Reporting Package in OIG
Okta has just released a new Early Access feature for Okta Identity Governance Access Certifications - the Auditor Reporting Package. This new feature significantly expands the usefulness of OIG Access Certification campaign reporting. IntroductionEnabling the Feature - Globally and in CampaignsThe New Reporting InterfaceFinding the ReportsReport StatusGenerating reportsDownloading reportsConclusion Introduction When Okta Identity Governance (OIG) … Continue reading New Access Certification Auditor Reporting Package in OIG
Role Analysis with Okta ISPM – Are My Groups and Roles Being Used Effectively
Okta Identity Security Posture Management (ISPM) performs analysis on groups and roles which can be used to tune access via groups/roles and reduce risk. This article explores how to use ISPM for role analysis. BackgroundUsing ISPM for Group and Role AnalysisThe Inventory View for Groups and RolesUnderstanding Group and Role UtilizationAn Example - Managing Underutilized … Continue reading Role Analysis with Okta ISPM – Are My Groups and Roles Being Used Effectively
New Delegate Feature in OIG
Okta has recently released a delegate feature in Okta Idenity Governance. This feature allows all governance activity, such as reviewing access requests or access certifications, to another Okta user (optionally for a set period). This article introduces the new feature. IntroductionSetting a DelegationAs an AdministratorAs a UserAccess Requests as the DelegateAccess Certification as the DelegateDelegate … Continue reading New Delegate Feature in OIG
A Set of Utilities for Secrets Management in OPA
In a recent engagement a customer raised issues around management of secrets and folder,s and associated policies and users in their Okta Privileged Access (OPA) deployment. In the spirit of the mantra of Mr Bigweld in Robots "see a need, fill a need", I set about writing some utilities to help manage larger, more-complex Secrets … Continue reading A Set of Utilities for Secrets Management in OPA
ISPM Architecture
This article provides a brief introduction to the architecture of Okta Identity Security Posture Management (ISPM). The following figure provides an overview of the architecture. We will break it up into the Input, Service, Console with Users/Roles and Output. Input ISPM is fed from different sources. The main source is from other customer systems, such … Continue reading ISPM Architecture
New Okta Group Push API
If you have been working with applications in Okta for some time and occasionally use the APIs (or Workflows) you would be aware that one glaring omission in the API library was an API to manage the Push Groups on applications. This has now been addressed with the Group Push Mapping API. The Group Push … Continue reading New Okta Group Push API