I've been looking into application entitlements and the Amazon Web Services (AWS) users, groups and entitlements has perplexed me for some time. I've had the opportunity to explore it, try to understand it and build some integration between Okta Workforce Identity Cloud (via Okta Workflows). This post is a summary of my findings. AWS and … Continue reading Understanding AWS IAM and Integrating with Okta and Workflows
Identity Governance and Administration domain topics
OIG Access Requests – Who is the Request Assignee?
As is often the case, product documentation tells you how to turn on or configure a function but often doesn't provide the context of that function. I found this yesterday when exploring something with a customer in Okta Identity Governance (OIG) Access Requests. What is the Request Assignee you can assign to some of the … Continue reading OIG Access Requests – Who is the Request Assignee?
OIG Access Requests – Can an Approver Supply Information for a Request?
Recently someone asked if Okta Identity Governance (OIG) Access Requests could be setup so a manager could supply additional information for the request. Their use case, the requester wants access to an application but they don't know the role they need, so the manager would select the role at the approval stage. Short answer - … Continue reading OIG Access Requests – Can an Approver Supply Information for a Request?
Did You Know the Machine Learning in OIG Access Requests Extends to the WebUI?
If you've seen a demonstration of Okta Identity Governance (OIG) Access Requests, you have probably seen the machine learning (AI) capability when requesting access in Slack or Microsoft Teams. You ask for access to something, and the AI will try to determine the best request type to present. It learns over time, so that terms … Continue reading Did You Know the Machine Learning in OIG Access Requests Extends to the WebUI?
New Reviewer Options in OIG Access Certification
There was a recent change to the reviewer selections for Okta Identity Governance (OIG) Access Certification to allow for more options and to simplify the administrative experience. The feature is currently an Early Access feature (the "Reviewer Assignment" enhancement) that can be turned on in an OIG-enabled Okta org. It will roll into production over … Continue reading New Reviewer Options in OIG Access Certification
Okta Identity Governance and/or Service Now – Architectural Patterns
Most organisations have some ITSM or service request tool, and ServiceNow is the most common. So it's understandable that any conversation about Okta Identity Governance, particularly access requests, will involve comparison with ServiceNow or integration patterns for both products. How do you approach an access request solution? Which product is going to meet your needs … Continue reading Okta Identity Governance and/or Service Now – Architectural Patterns
Risk-Based Application Certification in OIG
If you were at Oktane22, or have listened to the Oktane22 roadmap sessions, you will know risk and use of risk signals is a key focus for Okta going forward. This includes leveraging risk in Okta Identity Governance (OIG), to help make access requests and access certification more effective. But can you leverage risk today? … Continue reading Risk-Based Application Certification in OIG
Logging a ServiceNow Request via Workflows from OIG Access Requests
A common ask for Okta Identity Governance is to be able to log at ticket in a service desk tool, like ServiceNow, for manual provisioning activities after following an approval process in Access Requests. This article explores one approach to this using OIG Access Request events in the Okta System Log, Event Hooks and Okta … Continue reading Logging a ServiceNow Request via Workflows from OIG Access Requests
OIG Access Requests – Cancelling a Timer
If you're familiar with the timer feature in Okta Identity Governance (OIG) Access Requests, you may have wondered if you can cancel a running timer and if so, how? Let's show how it can be done. If you're not familiar with the timer feature, have a read of this article: https://iamse.blog/2022/07/27/oig-access-requests-using-the-new-timer-feature/. A timer is used … Continue reading OIG Access Requests – Cancelling a Timer
OIG Access Requests – Public or Private?
If you have looked at Okta Identity Governance Access Requests, you will know that a request will contain the history of the activity, such as the questions asked and answered, approval steps performed and actions taken. Did you know that a request, with all this information, can be Public or Private? Did you know that … Continue reading OIG Access Requests – Public or Private?