This page highlights the articles on this blog that relate to Okta’s Privileged Access Management (PAM) products. These comprise the older Okta Advanced Server Access (ASA) product and the new Okta Privileged Access (OPA).
If you want to see just articles relating to the two products, go to the Okta Privileged Access (OPA) page or the Advanced Server Access (ASA) page. Or you can just click the relevant category listed to the right of this page.
PAM-Related Articles
The most recent PAM-related articles are:
Leveraging Zero Standing Privileges and Shared Account Access with Okta Privileged Access
We all appreciate that a Zero Standing Privileges model is the best approach when it comes to privileged access – if a compromised account doesn’t have standing privileges, then the attacker is limited in what they can do. But the reality for many organisations is that there are still shared accounts with elevated privileges that…
Introducing Secrets Management in Okta Privileged Access
This article explores the new secrets management capability within Okta Privileged Access. Introduction to Secrets Management A key feature of the new Okta Privileged Access product is the introduction of a vault to securely store credentials (or secrets). With the initial release of the product this unlocks two critical use cases: This article will explore…
Okta Privileged Access and Okta Access Requests
Okta Privileged Access (OPA) leverages with wider Okta Workforce Identity Cloud capabilities for many use cases. One of these integrations is with the Okta Access Requests components, that comes as part of the Okta Identity Governance (OIG) product, but also ships in a limited form with OPA. This article explores the two common use cases:…
Okta Privileged Access – A Look at the Data Model
This article provides a simplified view of the data model used in Okta Privileged Access (OPA). Note that this is a logical view of data objects and their relationships, and the term “object” is used very loosely (more like data types). Also this is based on the current Early Access product and may change with…
Okta Privileged Access – A Technical Introduction
The new Okta Privileged Access product was featured in the recent Oktane23 conference. The product is currently (Oct 23) in early access with General Availability expected in Dec 23. This article is a brief technical overview of Okta Privileged Access (OPA) looking at the components and functions of the product. It is written to provide…
Extracting Okta ASA Audit Log with Okta Workflows
The audit logs in Okta Advanced Server Access (ASA) can be viewed in the ASA administrative interface or extracted via the ASA Audit V2 API (and this is what the integrations with SIEM tools do). But what about the situation where you just need to extract all the logs and process them somewhere? You could…
Managing Multiple AD Users in the AD-Joined Feature of ASA
Okta recently released the AD-Joined feature for Okta Advanced Server Access. This feature extends ASA secured RDP access to Windows servers in an AD domain, leveraging user credentials also stored in Active Directory. The feature supports both traditional password-based access and passwordless access using AD certificates, with the flexibility of having a mix of both…
Can ASA Work With a Shared User Directory and Linux Servers?
Using a shared user directory for user authentication across server farms has been a common pattern since the 1990’s. Microsoft adopted it with Active Directory, but we’ve had NIS deployments for many years. Can Okta Advanced Server Access (ASA) work where user authentication is delegated to a central shared directory? Yes. This article looks at…
ASA PreAuthorization with Okta Workflows
This article explores how standard Okta self-service access requests and Okta Workflows can be used to implement Just-In-Time access to Okta Advanced Server Access. It assumes some understanding of Okta, Okta Workflows and Okta Advanced Server Access objects and capabilities. Article contents: Just-In-Time Access with Okta Advanced Server Access A common request with Okta Advanced…
Troubleshooting Okta Advanced Server Access (ASA)
This post looks at the tools to use when troubleshooting issues with Okta Advanced Server Access (ASA). It’s not a “if you see this error, go do this” article – Google is great for that! This will look at where to go look for diagnostic info to help troubleshoot issues. Article contents: Revisiting the Okta…