Category: Extensibility (Workflows and Development)
-
The Okta ITP Workflows Connector
In May 2025 Okta released a Workflows connector for Identity Threat Protection with Okta AI, called the Okta ITP connector. This article is a brief walkthrough of the connector. Introduction With the release of Identity Threat Protection with Okta AI (ITP), new capabilities have been added to the Okta Workforce Identity platform for risk evaluation/detection…
-
Using Risk in Okta to Manage Privileged Access in OPA
Identity Threat Protection with Okta AI will continuously assess user context and automatically respond to identity threats across your ecosystem. This includes managing entity (user) risk levels. Okta Privileged Access does not explicitly have user risk built in, but user risk can be applied to control how users access privileged resources. This article looks at…
-
A Set of Utilities for Secrets Management in OPA
In a recent engagement a customer raised issues around management of secrets and folder,s and associated policies and users in their Okta Privileged Access (OPA) deployment. In the spirit of the mantra of Mr Bigweld in Robots “see a need, fill a need“, I set about writing some utilities to help manage larger, more-complex Secrets…
-
New Okta Group Push API
If you have been working with applications in Okta for some time and occasionally use the APIs (or Workflows) you would be aware that one glaring omission in the API library was an API to manage the Push Groups on applications. This has now been addressed with the Group Push Mapping API. The Group Push…
-
Automating Individual Secret Folders in OPA with Workflows
Okta Privileged Access has a secrets function, where a folder hierarchy can be built and policies applied to allow groups of users to access shared secrets. Whilst it’s not it’s primary use case, it could also be used to provide an individual secrets folder mechanism where users in Okta could have their own personal secrets…
-
Automating Realm Creation in Okta with Workflows
The new Realms feature in the Okta Workforce platform and the Secure Partner Access (SPA) product built on top of it are designed to make management of discrete user populations simpler. Realms can be managed via the Okta Admin Console. But what about when you want to automate the process, such as onboarding a large…
-
The Combined Power of Okta Privileged Access and Okta Identity Governance
This article looks at the benefits of combining Okta Privileged Access with Okta Identity Governance to reduce the risk of using privileged accounts and access. Introduction Both Okta Privileged Access (OPA) and Okta Identity Governance (OIG) are part of the Okta Workforce Identity Cloud platform (Okta WIC). OIG is focused on governing identities – having…
-
Okta Privileged Access Requests with JIRA and Okta Workflows
This article looks at how to use Jira to raise and manage time-bound privileged access requests in Okta Privileged Access. It leverages an Okta Workflows solution that integrates with Jira and then manages Okta group membership. Introduction Before looking at the solution details and the user flows, it’s worthwhile providing an overview and some design…
-
Bulk Imports of Sudo Rules for Okta Privileged Access using Workflows
This article showcases two new features of Okta Privileged Access – Sudo command bundles and the Okta Privileged Access Workflows connector. It shows how a standard workflow mechanism can be used for bulk-loading sudo commands, specifically for commands to work with OpenLDAP. Introduction Okta recently released two new capabilities to Okta Privileged Access. The first…
-
Generating Okta Privileged Access Reports with the new Workflows Connector
Okta recently released a Workflows connector for Okta Privileged Access. It provides an abstraction of many of the Okta Privileged Access APIs to make working with them in Workflows easier. This article is an exploration of using the new connector to produce Okta Privileged Access reports, specifically access reports for users and resources. Introduction Okta…
-
Privileged Access Management for AWS using Okta Workforce Solutions
This article is a summary of a presentation I recently gave looking at Okta Workforce Identity Cloud and Amazon Web Services (AWS). It is focused on how privileged access management can be applied to AWS users and access, leveraging the different Identity and Access Management (IAM) capabilities in Okta. Note that this article talks about…
-
OIG APIs – Use Okta Connector in Workflows Now
This short post is for the information of people who may look at some of the older OIG API and Workflows articles on this site and find they no longer work. You should be using the Okta Connector with the Custom API Action card now instead of the old generic API Connector card. The OLD…
-
Okta Privileged Access – Determining and Highlighting Risk in Roles and Policies
Okta Privileged Access provides a flexible framework for controlling who can access what privileged resources and how. This includes resource groups for managing resources, security policies for controlling access, administrative roles to manage them, and principals to use them. Invariably configuring the PAM solution will introduce risk. But how to monitor and manage the risk…
-
Okta Privileged Access and Access Certification – Getting Roles into the Group Description
As with many SaaS applications in Okta, application entitlement can be managed via Okta Groups pushed to Okta Privileged Access (OPA). This means membership in OPA policies and roles is based on Okta Group membership and thus can be governed by access requests and access certification for those groups. In this article we look at…
-
Okta Privileged Access and the Reports API – Who has Access to What and How?
With the release of Okta Privileged Access, an API has also been released to provide programmatic access into objects managed by it, such as servers, secrets and gateways. There is a set of Access Reports APIs to allow for external reporting on who has access to what and how. This article explores the APIs, the…