This article provides information on the latest feature released for Okta Privileged Access - Checkout. This feature allows setting exclusive checkout on shared accounts and manage the checkout/checkin of those accounts. Pre-ReqsEnable Checkout for Servers in a ProjectCheckout from the Command LineCheckout from the Web UIForcing a Check InConclusion Pre-Reqs The feature is there in … Continue reading The New Checkout Feature in Okta Privileged Access
Author: David Edwards (IAmDavid)
I have been working in Identity Management for a quarter of a century, spending 22 years working on various IAM products at IBM and now three years at Okta. Over that time I have worked across pre- and post-sales, including stints in services, fly-in support and technical enablement. I have covered access management, single signon (desktop, web and federated), identity governance and administration (IGA), directories and directory integration, and privileged access management (PAM). I'm one of the few identity practitioners with experience with mainframes and legacy on-premise systems like SAP. And I love to write!
Managing Access in Okta Privileged Access with the new OIG Resource Catalog
Okta has released into Early Access a new feature called the Access Request Conditions and Resource Catalog, or more simply the Resource Catalog. This is a new way to configure and use access requests in Okta Identity Governance. This article shows how this can be applied to access within Okta Privileged Access. IntroductionA Quick Revision … Continue reading Managing Access in Okta Privileged Access with the new OIG Resource Catalog
Privileged Access Management for AWS using Okta Workforce Solutions
This article is a summary of a presentation I recently gave looking at Okta Workforce Identity Cloud and Amazon Web Services (AWS). It is focused on how privileged access management can be applied to AWS users and access, leveraging the different Identity and Access Management (IAM) capabilities in Okta. IntroductionAccess Management and AWS PrivilegesIdentity Administration, … Continue reading Privileged Access Management for AWS using Okta Workforce Solutions
OIG APIs – Use Okta Connector in Workflows Now
This short post is for the information of people who may look at some of the older OIG API and Workflows articles on this site and find they no longer work. You should be using the Okta Connector with the Custom API Action card now instead of the old generic API Connector card. The OLD … Continue reading OIG APIs – Use Okta Connector in Workflows Now
A Look at the new Govern Okta Admin Roles feature
This article is a walkthrough of the new Govern Okta Admin Roles feature in Okta Workforce Identity Cloud (WIC). Overview of the FeatureEnabling the FeatureCreate Admin Role BundlesCreate and Test Access RequestsCreate an Access RequestRequest Admin Role AccessAccess Certification of Admin RolesCreate a CampaignLaunch the CampaignReview Access in the CampaignConclusion Overview of the Feature This … Continue reading A Look at the new Govern Okta Admin Roles feature
Okta Device Access – Troubleshooting SSPR on Windows
This article explores the mechanisms available to help troubleshoot issues with Self-Service Password Reset (SSPR) with Okta Device Access in a Windows Domain-joined environment. There are multiple components involved in a SSPR flow with Okta Device Access and understanding the components, flow and where the components log messages is useful for troubleshooting issues. Overview of … Continue reading Okta Device Access – Troubleshooting SSPR on Windows
Consolidating Nested Lists in Okta Workflows
Working with lists in Okta Workflows is common, but sometimes the list processing actions can be overwhelming and confusing. In this article I look at how I approached a problem of consolidating nested lists with a standard pattern of Lists actions. It should give you an idea of how you can use different Lists actions … Continue reading Consolidating Nested Lists in Okta Workflows
OIG Entitlement Management Videos on YouTube
Some colleagues have recently published a set of videos on YouTube (okta channel) highlighting some of the features of the new Entitlement Management capability in Okta Identity Governance (see out Entitlement Management page for more information on the product). Most of the videos will show up by searching for "entitlement" and "okta" (https://www.youtube.com/results?search_query=entitlement+okta). It may … Continue reading OIG Entitlement Management Videos on YouTube
Okta Privileged Access – Determining and Highlighting Risk in Roles and Policies
Okta Privileged Access provides a flexible framework for controlling who can access what privileged resources and how. This includes resource groups for managing resources, security policies for controlling access, administrative roles to manage them, and principals to use them. Invariably configuring the PAM solution will introduce risk. But how to monitor and manage the risk … Continue reading Okta Privileged Access – Determining and Highlighting Risk in Roles and Policies
Okta Privileged Access and Access Certification – Getting Roles into the Group Description
As with many SaaS applications in Okta, application entitlement can be managed via Okta Groups pushed to Okta Privileged Access (OPA). This means membership in OPA policies and roles is based on Okta Group membership and thus can be governed by access requests and access certification for those groups. In this article we look at … Continue reading Okta Privileged Access and Access Certification – Getting Roles into the Group Description
IAMSE