If you have been working with applications in Okta for some time and occasionally use the APIs (or Workflows) you would be aware that one glaring omission in the API library was an API to manage the Push Groups on applications. This has now been addressed with the Group Push Mapping API. The Group Push … Continue reading New Okta Group Push API
Category: Universal Directory
Privileged Access Management for Microsoft Active Directory with Okta
Microsoft Active Directory is pervasive across industry, and thus a common target for hackers, particularly with the abundance of privileged accounts. In this article we look at how the Okta Workforce platform can use different approaches to managing privileged access and reducing the risk of these accessed. It includes just-in-time provisioning of access and dynamic … Continue reading Privileged Access Management for Microsoft Active Directory with Okta
Integrating Active Directory with Okta Privileged Access
Okta has recently released their Microsoft Active Directory (AD) integration with Okta Privileged Access. This allows AD admin accounts to be stored in the vault and exposed via policy for use when accessing AD-authenticated services. This article provides a brief overview of the new feature. What Is It?How Does it Work?What Does it Look Like?Conclusion … Continue reading Integrating Active Directory with Okta Privileged Access
Okta AI agent for Natural Language Querying
Introducing the AI Agent for Okta This is a technical deep dive for the AI agent for Okta (created by Fctr) which is a powerful, open-source tool that lets IAM engineers, managers, and auditors query their Okta tenants using plain English. Get ready to streamline workflows, save countless hours spent scripting to create the necessary … Continue reading Okta AI agent for Natural Language Querying
Assigning Administrators to Realms in Okta
Realms were introduced into Okta to provide an alternative mechanism for delegated administration with discrete user populations. A key aspect of this is the administration - you may need to have different types of administrator roles for the users in the realm, but also allow cross-realm roles. In this article we explore configuring administrators for … Continue reading Assigning Administrators to Realms in Okta
An Introduction to Realms in Okta
Okta recently added a new feature to the Universal Directory called Realms. This article provides an overview of the new feature. Background - Why do we need Realms?What Are Realms?Working with RealmsRealm AdministrationAutomatic Onboarding of Users into RealmsDelegating User ManagementOkta Workflows and Realms APIsManaging PartnersApplying GovernanceKnown Limitations and WorkaroundsConclusion Note that Realms is only available … Continue reading An Introduction to Realms in Okta
Okta Privileged Access Requests with JIRA and Okta Workflows
This article looks at how to use Jira to raise and manage time-bound privileged access requests in Okta Privileged Access. It leverages an Okta Workflows solution that integrates with Jira and then manages Okta group membership. IntroductionOverview of the SolutionSome Design ConsiderationsUser Experience and Background FlowsUser Requests Privileged AccessUser is Reminded about Pending Expiry of … Continue reading Okta Privileged Access Requests with JIRA and Okta Workflows
Active Directory Bidirectional Group Management
Description: This document describes how to set up Access Requests and Certification for AD-sourced groups imported into Okta. Pre-requisites: IGA license to manage AD groups in Okta. Active Directory integrated with Okta and proper service account permissions to manage groups in AD. Refer to “Group Push” permissions in this document: https://help.okta.com/en-us/content/topics/directory/ad-agent-about-service-account.htm All the user's managerID … Continue reading Active Directory Bidirectional Group Management
Privileged Access Management for AWS using Okta Workforce Solutions
This article is a summary of a presentation I recently gave looking at Okta Workforce Identity Cloud and Amazon Web Services (AWS). It is focused on how privileged access management can be applied to AWS users and access, leveraging the different Identity and Access Management (IAM) capabilities in Okta. IntroductionAccess Management and AWS PrivilegesIdentity Administration, … Continue reading Privileged Access Management for AWS using Okta Workforce Solutions
Leveraging Microsoft Authenticator as a Possession Factor with Okta
Please read the disclaimer first before you start implementing the approach DISCLAIMER: Okta Documentation mentions that configuring Microsoft Azure Active Directory (AAD) can't be used as an IDP Authenticator. This article will test that statement hence if you decide to implement this in your own Okta production org/instance and got into any production issues, Okta … Continue reading Leveraging Microsoft Authenticator as a Possession Factor with Okta