New Access Certification Auditor Reporting Package in OIG

Okta has just released a new Early Access feature for Okta Identity Governance Access Certifications - the Auditor Reporting Package. This new feature significantly expands the usefulness of OIG Access Certification campaign reporting. IntroductionEnabling the Feature - Globally and in CampaignsThe New Reporting InterfaceFinding the ReportsReport StatusGenerating reportsDownloading reportsConclusion Introduction When Okta Identity Governance (OIG) … Continue reading New Access Certification Auditor Reporting Package in OIG →

Role Analysis with Okta ISPM – Are My Groups and Roles Being Used Effectively

Okta Identity Security Posture Management (ISPM) performs analysis on groups and roles which can be used to tune access via groups/roles and reduce risk. This article explores how to use ISPM for role analysis. BackgroundUsing ISPM for Group and Role AnalysisThe Inventory View for Groups and RolesUnderstanding Group and Role UtilizationAn Example - Managing Underutilized … Continue reading Role Analysis with Okta ISPM – Are My Groups and Roles Being Used Effectively →

New Delegate Feature in OIG

Okta has recently released a delegate feature in Okta Idenity Governance. This feature allows all governance activity, such as reviewing access requests or access certifications, to another Okta user (optionally for a set period). This article introduces the new feature. IntroductionSetting a DelegationAs an AdministratorAs a UserAccess Requests as the DelegateAccess Certification as the DelegateDelegate … Continue reading New Delegate Feature in OIG →

New Okta Group Push API

If you have been working with applications in Okta for some time and occasionally use the APIs (or Workflows) you would be aware that one glaring omission in the API library was an API to manage the Push Groups on applications. This has now been addressed with the Group Push Mapping API. The Group Push … Continue reading New Okta Group Push API →

The New Unified Requester Experience in OIG

This article introduces the new Access Requests - Unified Requester Experience that is currently rolling out as an Early Access feature in Okta Identity Governance (OIG). The Background As Okta was building its new Identity Governance and Administration (IGA) product, it acquired a company to provide what would become the Access Requests component of Okta … Continue reading The New Unified Requester Experience in OIG →

A Brief Intro to SoD with OIG

Okta has just released a separation of duties feature into Okta Identity Governance. This article provides a brief introduction to the feature. IntroductionConfiguring SoD RulesRequesting Access with SoD ChecksRecertifying Access with SoD ViolationsReporting with SoDConclusion Introduction Separation of Duties (or Segregation of Duties, or more commonly SoD) has been a standard control for identity governance … Continue reading A Brief Intro to SoD with OIG →

Importing Entitlements for Disconnected Apps in OIG

Okta recently introduced a new feature into Okta Identity Governance for importing users and entitlements for disconnected apps via a CSV import. This article explores the new feature. IntroductionConfigurationStep 0 - Enable the FeatureStep 1 - Create New App Instance in OktaStep 2 - Define additional app user profile attributesStep 3 - Enable the Governance … Continue reading Importing Entitlements for Disconnected Apps in OIG →

Preconfigured Access Certification Campaigns in Okta Identity Governance

The Access Certifications capability has been a core part of Okta Identity Governance (OIG) since its inception. However in the first update for this year (2025.01.0), Preconfigured Access Certifications Campaigns were added to OIG. This article explores the new feature. Overview Building of access certification campaigns is very straightforward. The wizard-like flow walks you through … Continue reading Preconfigured Access Certification Campaigns in Okta Identity Governance →

An Introduction to Realms in Okta

Okta recently added a new feature to the Universal Directory called Realms. This article provides an overview of the new feature. Background - Why do we need Realms?What Are Realms?Working with RealmsRealm AdministrationAutomatic Onboarding of Users into RealmsDelegating User ManagementOkta Workflows and Realms APIsManaging PartnersApplying GovernanceKnown Limitations and WorkaroundsConclusion Note that Realms is only available … Continue reading An Introduction to Realms in Okta →

Reduce Risk through Governance for Okta Administrators

In this article we explore the different patterns for associating users with administrative roles and how we can reduce the risk around these using governance. There are multiple articles listing the controls that should be applied to the administrative access in Okta, but this article will focus on the governance controls. Introduction Okta administration is … Continue reading Reduce Risk through Governance for Okta Administrators →