IAmDavid

Category: Domains

Non-product IAM domains

  • Recent Updates to Okta Privileged Access – Oct 25

    There have been a number of features released for Okta Privileged Access over the recent months, some major and some minor, but may have been lost in the excitement of Oktane 25. This article provides a summary of all the changes release. Introduction The last two quarters have been very busy for Okta Privileged Access…

  • The Okta ITP Workflows Connector

    In May 2025 Okta released a Workflows connector for Identity Threat Protection with Okta AI, called the Okta ITP connector. This article is a brief walkthrough of the connector. Introduction With the release of Identity Threat Protection with Okta AI (ITP), new capabilities have been added to the Okta Workforce Identity platform for risk evaluation/detection…

  • Using Risk in Okta to Manage Privileged Access in OPA

    Identity Threat Protection with Okta AI will continuously assess user context and automatically respond to identity threats across your ecosystem. This includes managing entity (user) risk levels. Okta Privileged Access does not explicitly have user risk built in, but user risk can be applied to control how users access privileged resources. This article looks at…

  • RDP’ing with Microsoft Active Directory Accounts in OPA

    Okta is extending it’s Okta Privileged Access capabilities with Microsoft Active Directory accounts by adding the ability to leverage them in direct RDP connections. This means it now supports two use cases with AD accounts – a reveal function where those credentials can be used (via copy’n’paste) to any AD-authenticated service, and the new direct…

  • New Access Certification Auditor Reporting Package in OIG

    Okta has just released a new Early Access feature for Okta Identity Governance Access Certifications – the Auditor Reporting Package. This new feature significantly expands the usefulness of OIG Access Certification campaign reporting. Introduction When Okta Identity Governance (OIG) was released with Access Requests and Access Certification, there was reporting included. It was available under…

  • Role Analysis with Okta ISPM – Are My Groups and Roles Being Used Effectively

    Okta Identity Security Posture Management (ISPM) performs analysis on groups and roles which can be used to tune access via groups/roles and reduce risk. This article explores how to use ISPM for role analysis. Background Roles and a role-based identity system have been the Holy Grail for identity governance and administration (IGA) practitioners and products…

  • New Delegate Feature in OIG

    Okta has recently released a delegate feature in Okta Idenity Governance. This feature allows all governance activity, such as reviewing access requests or access certifications, to another Okta user (optionally for a set period). This article introduces the new feature. Introduction We all need to go on leave or take time off. So what happens…

  • A Set of Utilities for Secrets Management in OPA

    In a recent engagement a customer raised issues around management of secrets and folder,s and associated policies and users in their Okta Privileged Access (OPA) deployment. In the spirit of the mantra of Mr Bigweld in Robots “see a need, fill a need“, I set about writing some utilities to help manage larger, more-complex Secrets…

  • ISPM Architecture

    This article provides a brief introduction to the architecture of Okta Identity Security Posture Management (ISPM). The following figure provides an overview of the architecture. We will break it up into the Input, Service, Console with Users/Roles and Output. Input ISPM is fed from different sources. The main source is from other customer systems, such…

  • New Okta Group Push API

    If you have been working with applications in Okta for some time and occasionally use the APIs (or Workflows) you would be aware that one glaring omission in the API library was an API to manage the Push Groups on applications. This has now been addressed with the Group Push Mapping API. The Group Push…

  • The New Unified Requester Experience in OIG

    This article introduces the new Access Requests – Unified Requester Experience that is currently rolling out as an Early Access feature in Okta Identity Governance (OIG). The Background As Okta was building its new Identity Governance and Administration (IGA) product, it acquired a company to provide what would become the Access Requests component of Okta…

  • New Secrets Search Function in Okta Privileged Access

    Okta has introduced a new search function for Secrets in Okta Privileged Access (OPA). When an OPA user goes to the Secrets menu item, they will see a new search option. Typing in a search argument will show matching secrets with the secret name, Folder hierarchy (clickable breadcrumb), Resource Group / Project and Description. You…

  • Privileged Access Management for Microsoft Active Directory with Okta

    Microsoft Active Directory is pervasive across industry, and thus a common target for hackers, particularly with the abundance of privileged accounts. In this article we look at how the Okta Workforce platform can use different approaches to managing privileged access and reducing the risk of these accessed. It includes just-in-time provisioning of access and dynamic…

  • Okta Privileged Access – Example Mechanisms to Export/View Session Recordings

    This article provides some example mechanisms that could be used to export and view the session recording files produced by Okta Privileged Access. There are two examples shown: These are provided as examples to show how you could implement a mechanism. Introduction Okta Privileged Access (OPA) and it’s predecessor Okta Advanced Server Access (Okta ASA),…

  • Integrating Active Directory with Okta Privileged Access

    Okta has recently released their Microsoft Active Directory (AD) integration with Okta Privileged Access. This allows AD admin accounts to be stored in the vault and exposed via policy for use when accessing AD-authenticated services. This article provides a brief overview of the new feature. Note that this article is from the initial Active Directory…

  • A Brief Intro to SoD with OIG

    Okta has just released a separation of duties feature into Okta Identity Governance. This article provides a brief introduction to the feature. Introduction Separation of Duties (or Segregation of Duties, or more commonly SoD) has been a standard control for identity governance for a quarter of a century. The concept is that a user should…