Okta Identity Governance and/or Service Now – Architectural Patterns

Most organisations have some ITSM or service request tool, and ServiceNow is the most common. So it's understandable that any conversation about Okta Identity Governance, particularly access requests, will involve comparison with ServiceNow or integration patterns for both products. How do you approach an access request solution? Which product is going to meet your needs … Continue reading Okta Identity Governance and/or Service Now – Architectural Patterns

Risk-Based Application Certification in OIG

If you were at Oktane22, or have listened to the Oktane22 roadmap sessions, you will know risk and use of risk signals is a key focus for Okta going forward. This includes leveraging risk in Okta Identity Governance (OIG), to help make access requests and access certification more effective. But can you leverage risk today? … Continue reading Risk-Based Application Certification in OIG

Logging a ServiceNow Request via Workflows from OIG Access Requests

A common ask for Okta Identity Governance is to be able to log at ticket in a service desk tool, like ServiceNow, for manual provisioning activities after following an approval process in Access Requests. This article explores one approach to this using OIG Access Request events in the Okta System Log, Event Hooks and Okta … Continue reading Logging a ServiceNow Request via Workflows from OIG Access Requests

OIG – Triggering Workflows From Access Certification Reviews

Okta Identity Governance (OIG) provides an access certification component for reviewing users and their access. When reviewing access, a reviewer (such as a users manager) can approve or revoke the access (or reassign). With the revoke action, the access certification campaign can be configured to automatically remove access or do nothing (i.e. leave the access … Continue reading OIG – Triggering Workflows From Access Certification Reviews

OIG – Certification for External System Entitlements

A common ask for Okta Identity Governance (OIG) is to be able to do access certification on external application data. Currently OIG can only run campaigns on objects (group memberships and application assignments) in the Okta Universal Directory (UD). Importing of external system entitlements is on the product roadmap. But with some understanding of the … Continue reading OIG – Certification for External System Entitlements

Certifying Access for Disconnected Application in Okta

The beauty with Okta is that there are over 500 applications in the Okta Integration Network that enables Admins to automate the user lifecycle. For these apps, Okta Identity Governance enables immediate remediation based on access reviews. There are still many applications that don’t and won’t support this, which creates a challenge when it comes … Continue reading Certifying Access for Disconnected Application in Okta

Historical Reporting of OIG Access Requests

A common request asked is how to look at past access request events. Currently you can see the results of the requests in the Okta System Log and also in the Okta Identity Governance (OIG) Access Requests admin console. This article will explore these. Article contents: OverviewEvents in the Okta System LogNative Events and ReportingReporting … Continue reading Historical Reporting of OIG Access Requests

Inactive Application Account Reporting with Okta Workflows

I was recently asked about reporting, and possibly recertification, of inactive accounts in Okta. We can run reports in Okta on Okta profile states to find inactive users. We also have an Okta Workflows template to find and report on Okta users who haven't accessed Okta in a period of time. But what about application … Continue reading Inactive Application Account Reporting with Okta Workflows

Separation of Duties (SoD) With Okta Workflows

Implementation of Separation of Duties controls is often an Identity Governance requirement. Whilst SoD controls will find their way into the Okta Identity Governance product at some point, they can be implemented today using the Okta Identity Cloud data model and Okta Workflows. This article provides a sample implementation. Article contents: IntroductionOkta and Coarse- and … Continue reading Separation of Duties (SoD) With Okta Workflows