Those following this blog will know we post a lot of technical assets on the Okta products from a technical specialist perspective, such as the how-to's that aren't obvious from product documentation or cross-product solutions to address specific use cases. But did you know there are some community assets published by Okta in addition to … Continue reading OIG Assets in the Okta Community
Category: IGA
Identity Governance and Administration domain topics
OIG Access Requests – Can I Attach a File?
A common requirement for access requests is adding a file to support the request. It may not be obvious, but Okta Identity Governance has the means to attach a file to a request. Let's explore this and show an example. How to Attach a File in the Access Requests Portal A file can be attached … Continue reading OIG Access Requests – Can I Attach a File?
OIG Access Requests – Posting Questions Based on Earlier Selections
My colleague, Rajesh Kumar, showed me something today that fell into the "wow, I didn't even think of using the product this way" category. It involves using logic in Access Request flows (Request Types) in Okta Identity Governance to prompt for additional information based on earlier selections. Let's look at how the user experiences it, … Continue reading OIG Access Requests – Posting Questions Based on Earlier Selections
OIG Access Requests and Workflows – Checking SoD In An Access Request
This article looks at a new approach you could use to perform Separation of Duties (SoD) checking from Okta Access Requests using Okta Workflows. It shows two approaches you could take to get SoD analysis into the request a soon as it's raised so that the reviewer has the information at hand before approving the … Continue reading OIG Access Requests and Workflows – Checking SoD In An Access Request
OIG Access Requests – Posting Additional Information into a Request
This article looks at a recent addition to the Okta Identity Governance (OIG) Access Request API that allows updating of in-flight access requests and can be used to add additional data to help reviewers review requests. Overview of the IntegrationAn Example Request With Additional InformationThe Mechanics of the IntegrationNew Requests API CallAccess Request Created Event … Continue reading OIG Access Requests – Posting Additional Information into a Request
User Access Reviews in Okta Identity Governance
This article explores the new user campaign (User Access Review) feature in Okta Identity Governance (OIG) Access Certifications. IntroductionSetting Up a User CampaignGeneral Set UpUsers SelectionResources StepReviewer StepRemediation StepRunning a User CampaignLaunching the CampaignCampaign ReviewMonitoring, Managing and ReportingConclusion Introduction The ability to build and run access certification campaigns against resources in Okta (groups and applications) … Continue reading User Access Reviews in Okta Identity Governance
OIG Access Requests – Calling an Okta Workflow from Within a Request Type
For some time there has been the ability to trigger a workflow in Okta Workflows from a request flow in Okta Access Requests via events written to the Okta System Log. Events were created for a request being initiated and being closed. But this approach has some limitations, such as a lot of processing within … Continue reading OIG Access Requests – Calling an Okta Workflow from Within a Request Type
Understanding AWS IAM and Integrating with Okta and Workflows
I've been looking into application entitlements and the Amazon Web Services (AWS) users, groups and entitlements has perplexed me for some time. I've had the opportunity to explore it, try to understand it and build some integration between Okta Workforce Identity Cloud (via Okta Workflows). This post is a summary of my findings. AWS and … Continue reading Understanding AWS IAM and Integrating with Okta and Workflows
OIG Access Requests – Who is the Request Assignee?
As is often the case, product documentation tells you how to turn on or configure a function but often doesn't provide the context of that function. I found this yesterday when exploring something with a customer in Okta Identity Governance (OIG) Access Requests. What is the Request Assignee you can assign to some of the … Continue reading OIG Access Requests – Who is the Request Assignee?
OIG Access Requests – Can an Approver Supply Information for a Request?
Recently someone asked if Okta Identity Governance (OIG) Access Requests could be setup so a manager could supply additional information for the request. Their use case, the requester wants access to an application but they don't know the role they need, so the manager would select the role at the approval stage. Short answer - … Continue reading OIG Access Requests – Can an Approver Supply Information for a Request?