Okta Administration: Up and Running

By: Lovisa Stenbäcken Stjernlöf, HenkJan de Vries
Overview of this book

IAM, short for identity and access management, is a set of policies and technologies for ensuring the security of an organization through careful role and access assignment for users and devices. With this book, you’ll get up and running with Okta, an identity and access management (IAM) service that you can use for both employees and customers. Once you’ve understood how Okta can be used as an IAM platform, you’ll learn about the Universal Directory, which covers how to integrate other directories and applications and set up groups and policies. As you make progress, the book explores Okta’s single sign-on (SSO) feature and multifactor authentication (MFA) solutions. Finally, you will delve into API access management and discover how you can leverage Advanced Server Access for your cloud servers and Okta Access Gateway for your on-premises applications. By the end of this Okta book, you’ll have learned how to implement Okta to enhance your organization's security and be able to use this book as a reference guide for the Okta certification exam.
Table of Contents (13 chapters)

  • Section 1: Getting Started with Okta
  • Section 2: Extending Okta

Discovering Okta's basic features

Okta has a lot of different products, and organizations can pick and choose as they see fit. The most commonly used are the following:

  • Universal Directory (UD)
  • SSO
  • Adaptive Multi-Factor Authentication (AMFA)
  • Lifecycle Management (LCM)

It's not always obvious in the administrator portal where one product starts and another one ends. This will be clarified in this book. The products will all be explained with practical examples in the coming chapters, but here is an initial overview.

Universal Directory

UD can be considered the foundation of any Okta setup. UD is the directory of your users and groups. Users can be mastered by Okta, by other directories, or by an HR system. For organizations with multiple directories, such as AD, LDAP, and an HR system, Okta offers a complete 360-degree view of the users and their attributes. Users can be sorted into groups that are created in Okta or imported from a directory or an application. With Okta's Attribute Mastering feature, the attributes of any user can be mastered by different sources.

Single sign-on

SSO lets us connect applications and lets our users access them through Okta. End users only have to log in to Okta once, and can thereafter access any application assigned to them. This is done with integrations based on SAML, WS-Federation, OpenID Connect, or with a simple Secure Web Authentication (SWA) where Okta stores credentials and passes them along to the application in a secure way. In the Okta Integration Network (OIN), more than 6,500 integrations are available, and more are added every day. If the required application isn't available in the OIN, customers can create their own integrations. This will be described in depth in Chapter 3, Single Sign-On for a Great End User Experience.

Multi-factor authentication and adaptive multi-factor authentication

Included in Okta's SSO product are basic MFA features. You can easily set up policies to let your users utilize different kinds of factors after entering their password. Using the basic IP settings, you can set up network zones that protect your users and block bad actors from the outside.

Many third-party MFA solutions can be integrated with Okta, allowing you to bring existing, and perhaps already deployed, solutions into your Okta MFA policies.

If the basic features of MFA aren't enough for you, Okta's Adaptive MFA product brings even more advanced options. With AMFA, you can add context to your MFA policies. Context can be location awareness, device fingerprinting, or impossible velocity. Okta's device trust options allow you to integrate with your third-party MDM systems to generate even more context around your users and devices.
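To make the "impossible velocity" context concrete, here is a generic check over sign-in records, added as an example; it is not code from the book and not Okta's implementation. The speed threshold, the minimum distance, and the sample sign-ins are assumptions constructed for the illustration.

```python
from datetime import datetime
from math import radians, sin, cos, asin, sqrt

MAX_SPEED_KMH = 900.0  # assumed threshold, roughly airliner cruise speed
MIN_KM = 50.0          # assumed floor so IP-geolocation noise is not flagged

# Constructed sample sign-ins: (user, ISO-8601 UTC time, latitude, longitude).
SIGN_INS = [
    ("alice@example.com", "2024-05-01T08:00:00+00:00", 52.37, 4.90),    # Amsterdam
    ("alice@example.com", "2024-05-01T09:00:00+00:00", 40.71, -74.01),  # New York
    ("bob@example.com",   "2024-05-01T08:00:00+00:00", 59.33, 18.07),   # Stockholm
    ("bob@example.com",   "2024-05-01T16:00:00+00:00", 51.51, -0.13),   # London
    ("alice@example.com", "2024-05-02T09:00:00+00:00", 40.71, -74.01),  # New York
]

def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance between two points in kilometres."""
    p1, p2 = radians(lat1), radians(lat2)
    dlat, dlon = p2 - p1, radians(lon2 - lon1)
    a = sin(dlat / 2) ** 2 + cos(p1) * cos(p2) * sin(dlon / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(a))

def impossible_velocity(events, max_kmh=MAX_SPEED_KMH, min_km=MIN_KM):
    """Return (user, km, hours) for consecutive sign-ins implying speed > max_kmh."""
    last = {}      # user -> (time, lat, lon) of that user's previous sign-in
    findings = []
    ordered = sorted(events, key=lambda e: datetime.fromisoformat(e[1]))
    for user, ts, lat, lon in ordered:
        when = datetime.fromisoformat(ts)
        if user in last:
            prev_when, plat, plon = last[user]
            km = haversine_km(plat, plon, lat, lon)
            hours = (when - prev_when).total_seconds() / 3600
            # Zero elapsed time over a real distance is also impossible;
            # test it first so we never divide by zero.
            if km > min_km and (hours == 0 or km / hours > max_kmh):
                findings.append((user, round(km), round(hours, 2)))
        last[user] = (when, lat, lon)
    return findings

if __name__ == "__main__":
    for user, km, hours in impossible_velocity(SIGN_INS):
        print(f"{user}: {km} km in {hours} h -> require step-up MFA or deny")
```

In an adaptive policy, a finding like this would be one input to the decision to prompt for an additional factor or to deny the sign-in.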

Lifecycle management

So far, the Okta products we've looked at have focused a lot on end user experience and security. LCM is all about automation and easing friction between HR and IT. With LCM, organizations are better set up for audits. For instance, with your Okta instance set up (with groups, rules, integrations, and system logs) and access given, it's easy to show when a user had access to what. With the Group Rules feature, it's clearer what employees have access to. This will streamline work for the HR and IT departments, allowing them to do the work by creating the user only once in the organization's systems. The creation and management of users has never been this easy. Automatic account creation also minimizes mistakes caused by human error. A predetermined setup allows the organization to invest time upfront to create and set up the provisioning, and after that, it will automatically run based on the user's identity and profile.

With Okta's LCM functionality, you can also automate access control in certain applications. This allows you, with minimal interaction, to manage users with the correct role, license, and group access.

Workflows

Workflows is a part of the advanced LCM product. With Workflows, you can automate many business processes using a simple "if this, then that" methodology with no-code configurations. Okta provides a library of connections to many popular cloud applications, and workflows can also integrate with custom APIs. Some examples of where Workflows can be used include the following:

  • On- and off-boarding enhancements
  • Resolving conflicts when new users are created
  • Sharing reports on a monthly basis

Okta's basic features help us manage the most general day-to-day tasks associated with IAM. However, it also has some specific, advanced features to help us manage our systems better.
