This article introduces the new Access Requests - Unified Requester Experience that is currently rolling out as an Early Access feature in Okta Identity Governance (OIG). The Background As Okta was building its new Identity Governance and Administration (IGA) product, it acquired a company to provide what would become the Access Requests component of Okta … Continue reading The New Unified Requester Experience in OIG
Author: David Edwards (IAmDavid)
I have been working in Identity Management for a quarter of a century, spending 22 years working on various IAM products at IBM and now three years at Okta. Over that time I have worked across pre- and post-sales, including stints in services, fly-in support and technical enablement. I have covered access management, single signon (desktop, web and federated), identity governance and administration (IGA), directories and directory integration, and privileged access management (PAM). I'm one of the few identity practitioners with experience with mainframes and legacy on-premise systems like SAP. And I love to write!
New Secrets Search Function in Okta Privileged Access
Okta has introduced a new search function for Secrets in Okta Privileged Access (OPA). When an OPA user goes to the Secrets menu item, they will see a new search option. Typing in a search argument will show matching secrets with the secret name, Folder hierarchy (clickable breadcrumb), Resource Group / Project and Description. You … Continue reading New Secrets Search Function in Okta Privileged Access
Privileged Access Management for Microsoft Active Directory with Okta
Microsoft Active Directory is pervasive across industry, and thus a common target for hackers, particularly with the abundance of privileged accounts. In this article we look at how the Okta Workforce platform can use different approaches to managing privileged access and reducing the risk of these accessed. It includes just-in-time provisioning of access and dynamic … Continue reading Privileged Access Management for Microsoft Active Directory with Okta
Okta Privileged Access – Example Mechanisms to Export/View Session Recordings
This article provides some example mechanisms that could be used to export and view the session recording files produced by Okta Privileged Access. There are two examples shown: A simple series of scripts that show the flow and commands to export and view logs, and An overview of a mechanism built by a former Okta … Continue reading Okta Privileged Access – Example Mechanisms to Export/View Session Recordings
Integrating Active Directory with Okta Privileged Access
Okta has recently released their Microsoft Active Directory (AD) integration with Okta Privileged Access. This allows AD admin accounts to be stored in the vault and exposed via policy for use when accessing AD-authenticated services. This article provides a brief overview of the new feature. What Is It?How Does it Work?What Does it Look Like?Conclusion … Continue reading Integrating Active Directory with Okta Privileged Access
A Brief Intro to SoD with OIG
Okta has just released a separation of duties feature into Okta Identity Governance. This article provides a brief introduction to the feature. IntroductionConfiguring SoD RulesRequesting Access with SoD ChecksRecertifying Access with SoD ViolationsReporting with SoDConclusion Introduction Separation of Duties (or Segregation of Duties, or more commonly SoD) has been a standard control for identity governance … Continue reading A Brief Intro to SoD with OIG
Implementing an Offline Password Vault with Okta Privileged Access and KeePassXC
Okta Privileged Access is a SaaS offering. Currently it does not have an offline mode for local storage of break glass credentials. But you can extend it to do so, and that's the subject of this article. We look at a simple mechanism to export secrets from a folder and push them into a local … Continue reading Implementing an Offline Password Vault with Okta Privileged Access and KeePassXC
Importing Entitlements for Disconnected Apps in OIG
Okta recently introduced a new feature into Okta Identity Governance for importing users and entitlements for disconnected apps via a CSV import. This article explores the new feature. IntroductionConfigurationStep 0 - Enable the FeatureStep 1 - Create New App Instance in OktaStep 2 - Define additional app user profile attributesStep 3 - Enable the Governance … Continue reading Importing Entitlements for Disconnected Apps in OIG
An Introduction to Managing SaaS Shared (Service) Accounts in OPA
Late in 2024 Okta released a new feature for Okta Privileged Access - the ability to manage SaaS shared accounts using the same approach to managing access to other privileged resources like servers. This article provides an introduction to this new feature. IntroductionIntroducing SaaS Service Accounts in Okta Privileged AccessThe User ExperienceCheck Out CredentialsCheck In … Continue reading An Introduction to Managing SaaS Shared (Service) Accounts in OPA
An Introduction to Resource Collections in OIG
This article introduces the new Resource Collections feature in Okta Identity Governance, looking at how collections are defined, requested and reviewed. Introduction Okta has introduced a new feature into Okta Identity Governance (OIG) called Resource Collections (or sometimes referred to as just Collections). They are a way to define a role that spans different entitlements … Continue reading An Introduction to Resource Collections in OIG
IAMSE