Okta Workflows can address many automation use cases, including Identity Governance and Administration (IGA) scenarios. It is included as a product (SKU) in the Okta Identity Governance bundle.
For more information, including tutorials and videos, can be found in the Workflows help pages.
IGA Workflows Articles
There are a number of articles on this blog that can be used as examples of how to implement IGA use cases.
OIG APIs – Use Okta Connector in Workflows Now
This short post is for the information of people who may look at some of the older OIG API and Workflows articles on this site and find they no longer work. You should be using the Okta Connector with the Custom API Action card now instead of the old generic API Connector card. The OLD…
Okta Workflow for Access Certifications – Slack Notifications
Introduction Today, ensuring the security and compliance of user access rights is a top priority for organizations worldwide. As an advocate for streamlined processes and effective communication, I am excited to share with you a custom-built Okta Workflow to send Access Certifications campaign notifications like campaign launch, weekly campaign reminders to reviewers who are yet…
Okta Entitlements for Disconnected Applications – Dynamic Entitlement Bundle Assignments
OVERVIEW This blog is a continuation of the Okta Entitlements for Disconnected Applications – Dynamic Entitlement Bundle Creation that I posted previously. Some of the introductory content is duplicate to reenforce some of the basic concepts around Okta Identity Governance – Entitlement Management. With the release of Okta Identity Governance, one of the newly released features is…
Okta Entitlements for Disconnected Applications – Dynamic Entitlement Bundle Creation
OVERVIEW This blog is a continuation of the Okta Entitlements for Disconnected Applications that I posted previously. Some of the introductory content is duplicate to reenforce some of the basic concepts around Okta Identity Governance – Entitlement Management. With the release of Okta Identity Governance, one of the newly released features is entitlements at the…
Okta Entitlements for Disconnected Applications
OVERVIEW With the release of Okta Identity Governance, one of the newly released features is entitlements at the application level. Entitlements open a deeper level of represented access for Access Reviews, Access Certification Campaigns and Access Requests through the representation of fine grain access and licensing that a given user has in a relationship to…
Unlocking Workday Security Groups Governance: Integrating Okta OIG with Custom Workflows and Universal Directory
Introduction Today, safeguarding organizational assets and ensuring compliance with regulatory standards are paramount concerns for businesses of all sizes. Within this context, the integration of Workday’s security groups with Okta Identity Governance (OIG) emerges as a critical need, given the central role these platforms play in managing employee data and access privileges. However, there is…
Unleashing Precision: Enhancing Salesforce User Access Reviews with Custom Okta Entitlements Management
Introduction In the ever-evolving realm of user access and security, the marriage of Okta and Salesforce presents a powerful synergy. While Okta’s out-of-the-box (OOTB) connector for Salesforce Governance is undoubtedly a valuable asset, it falls short when it comes to the nuance of fine-grained access certification. Picture this common scenario: reviewing a Profile or Permission…
Managing FGA Relationships with Okta Identity Governance and Workflows
Overview This blog post will walk you through how to programmatically create and delete Tuples within Okta’s Fine Grained Authorization (FGA) product triggered by an Access Request in Okta Identity Governance (OIG). FGA is an early-stage product Okta is building to solve fine grained authorization at scale. FGA is a Relationship Based Access Control model…
OIG Access Requests – Automate Out of Country Requests and Security
Overview The purpose of this post is to configure an access request for end users to request when they are going to be out of the country. Oftentimes, IT teams like to lock down their environment so their employees can only access their applications from one designated country or area (maybe we call this US…
OIG Access Requests – Can I Attach a File?
A common requirement for access requests is adding a file to support the request. It may not be obvious, but Okta Identity Governance has the means to attach a file to a request. Let’s explore this and show an example. How to Attach a File in the Access Requests Portal A file can be attached…
OIG Access Requests and Workflows – Checking SoD In An Access Request
This article looks at a new approach you could use to perform Separation of Duties (SoD) checking from Okta Access Requests using Okta Workflows. It shows two approaches you could take to get SoD analysis into the request a soon as it’s raised so that the reviewer has the information at hand before approving the…
Understanding AWS IAM and Integrating with Okta and Workflows
I’ve been looking into application entitlements and the Amazon Web Services (AWS) users, groups and entitlements has perplexed me for some time. I’ve had the opportunity to explore it, try to understand it and build some integration between Okta Workforce Identity Cloud (via Okta Workflows). This post is a summary of my findings. AWS and…
Okta Identity Governance and/or Service Now – Architectural Patterns
Most organisations have some ITSM or service request tool, and ServiceNow is the most common. So it’s understandable that any conversation about Okta Identity Governance, particularly access requests, will involve comparison with ServiceNow or integration patterns for both products. How do you approach an access request solution? Which product is going to meet your needs…
Risk-Based Application Certification in OIG
If you were at Oktane22, or have listened to the Oktane22 roadmap sessions, you will know risk and use of risk signals is a key focus for Okta going forward. This includes leveraging risk in Okta Identity Governance (OIG), to help make access requests and access certification more effective. But can you leverage risk today?…
Logging a ServiceNow Request via Workflows from OIG Access Requests
A common ask for Okta Identity Governance is to be able to log at ticket in a service desk tool, like ServiceNow, for manual provisioning activities after following an approval process in Access Requests. This article explores one approach to this using OIG Access Request events in the Okta System Log, Event Hooks and Okta…
OIG – Triggering Workflows From Access Certification Reviews
Okta Identity Governance (OIG) provides an access certification component for reviewing users and their access. When reviewing access, a reviewer (such as a users manager) can approve or revoke the access (or reassign). With the revoke action, the access certification campaign can be configured to automatically remove access or do nothing (i.e. leave the access…
OIG – Certification for External System Entitlements
A common ask for Okta Identity Governance (OIG) is to be able to do access certification on external application data. Currently OIG can only run campaigns on objects (group memberships and application assignments) in the Okta Universal Directory (UD). Importing of external system entitlements is on the product roadmap. But with some understanding of the…
Access Certification for In-active application users
How can you leverage Okta Workflows and Identity Governance to review in-active users in your application
Certifying Access for Disconnected Application in Okta
The beauty with Okta is that there are over 500 applications in the Okta Integration Network that enables Admins to automate the user lifecycle. For these apps, Okta Identity Governance enables immediate remediation based on access reviews. There are still many applications that don’t and won’t support this, which creates a challenge when it comes…
Historical Reporting of OIG Access Requests
A common request asked is how to look at past access request events. Currently you can see the results of the requests in the Okta System Log and also in the Okta Identity Governance (OIG) Access Requests admin console. This article will explore these. Article contents: This is still an early release product, so expect…
Something went wrong. Please refresh the page and/or try again.
IAMSE