New Reviewer Options in OIG Access Certification

There was a recent change to the reviewer selections for Okta Identity Governance (OIG) Access Certification to allow for more options and to simplify the administrative experience. The feature is currently an Early Access feature (the "Reviewer Assignment" enhancement) that can be turned on in an OIG-enabled Okta org. It will roll into production over … Continue reading New Reviewer Options in OIG Access Certification

Okta Identity Governance and/or Service Now – Architectural Patterns

Most organisations have some ITSM or service request tool, and ServiceNow is the most common. So it's understandable that any conversation about Okta Identity Governance, particularly access requests, will involve comparison with ServiceNow or integration patterns for both products. How do you approach an access request solution? Which product is going to meet your needs … Continue reading Okta Identity Governance and/or Service Now – Architectural Patterns

Risk-Based Application Certification in OIG

If you were at Oktane22, or have listened to the Oktane22 roadmap sessions, you will know risk and use of risk signals is a key focus for Okta going forward. This includes leveraging risk in Okta Identity Governance (OIG), to help make access requests and access certification more effective. But can you leverage risk today? … Continue reading Risk-Based Application Certification in OIG

Logging a ServiceNow Request via Workflows from OIG Access Requests

A common ask for Okta Identity Governance is to be able to log at ticket in a service desk tool, like ServiceNow, for manual provisioning activities after following an approval process in Access Requests. This article explores one approach to this using OIG Access Request events in the Okta System Log, Event Hooks and Okta … Continue reading Logging a ServiceNow Request via Workflows from OIG Access Requests

OIG – Triggering Workflows From Access Certification Reviews

Okta Identity Governance (OIG) provides an access certification component for reviewing users and their access. When reviewing access, a reviewer (such as a users manager) can approve or revoke the access (or reassign). With the revoke action, the access certification campaign can be configured to automatically remove access or do nothing (i.e. leave the access … Continue reading OIG – Triggering Workflows From Access Certification Reviews

Reassigning Managers for an Access Certification Campaign

A common requirement for Identity Governance and Administration (IGA) controls is for reassignment when a reviewer, like a manager, goes on leave. Okta Identity Governance (OIG) currently supports manual reassignment of access certification reviews by an administrator or by the reviewer themselves. But what about automatic reassignment based on a change to the user profile, … Continue reading Reassigning Managers for an Access Certification Campaign

Access Certification – Helping Reviewers Decide whether to Approve or Revoke Access

The user interface, and general user experience, has been a challenge with Identity Governance and Administration (IGA) products for many years. Unlike many IT products, IGA solutions are used by all business users and need an easy to use and understand interface. This is particularly so with Access Certifications - business owners (like managers or … Continue reading Access Certification – Helping Reviewers Decide whether to Approve or Revoke Access

OIG Access Requests – Understanding User Grouping

Understanding user grouping mechanisms in the Okta Identity Governance (OIG) Access Requests mechanism is important to building and running access request flows. It can be confusing and this article aims to address the confusion. Note that OIG Access Requests is the old atSpoke product. The term “Okta” in this article refers to the Okta Identity … Continue reading OIG Access Requests – Understanding User Grouping

OIG Access Requests – Using the New Timer Feature

This article explores the new Timer feature in Okta Identity Governance (OIG) Access Requests. It provides an overview of the new function and how it could be used for a long-term (days or weeks) access request and a short-term (hours) privileged access request. This article assumes a familiarity with the OIG Access Requests workflows. For … Continue reading OIG Access Requests – Using the New Timer Feature