Privileged Access Management for Federated Users

This document describes the approach and mechanism to authorize users to access Okta Privileged Access (OPA) and protected resources. Contents: Introduction; Objective; Key Features; Use Case; Overview; The Aim of the Solution; How the Solution is Built; SSO: Setup Trust between IDP and SP; Add Org2Org Application on IDP tenant; Setup configuration on Service Provider Tenant; Create Identity Provider Rule; Update Org2Org Application on IDP tenant; Assign Okta …

Governance for Okta Privileged Access Server Resources

This document describes the approach and mechanism to run a certification campaign to review Okta Privileged Access Resource (Server) access. Contents: Introduction; Overview; The Aim of the Solution; How the Solution is Built; Building Okta Privileged Access Sync Connector; OPA Data Sync Steps; Step 1: Okta Application Setup; Step 2: Setup Workflow; Step 2.1 Create Connections …

Okta Privileged Access: Secret Rotation Reminder

This article helps rotate static credentials managed by the Okta Privileged Access vault by sending a reminder to the security team when a vaulted secret has not been rotated for more than 30 days (configurable). The security team can then take action and rotate the secrets. This solution is provided as …

Okta Privileged Access: Hashicorp Vault Secrets Migration

This article helps migrate HashiCorp Vault secrets into the Okta Privileged Access vault. This solution is provided as a guide and can be further enhanced or extended for use with any other third-party vault. The tool is developed in Java using the Spring Boot framework. This tool has a property …

Okta Privileged Access: How to Backup and Restore

This article helps with the backup and restore process for Okta Privileged Access (OPA) components managed and maintained outside of the Okta infrastructure. Backing up your Okta PA server agent and gateway configurations is a proactive safeguard against downtime and other negative impacts to your business. OPA does not have capabilities to back …

Okta Privileged Access : User Identity Creation alert

This article describes how to send a notification to the security team when a new user ID is created on any Okta PA protected resource. This helps the security team identify new identities created directly on protected servers that are not discovered and managed by the vault in Okta Privileged Access - …