New Beta Feature: Scheduled Suspension Skip to main content
https://support.okta.com/help/blogdetail?id=a672a000000bnhnqay&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fblogdetail
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.

New Beta Feature: Scheduled Suspension

Aug 22, 2017 | by Aaron Yee in Lifecycle Management
Introduction 

Okta admins can now schedule the suspension of an Okta mastered account on a specific date (down to the second). On the configured date, Okta will automatically suspend the user's Okta account, preventing the user from authenticating to Okta. Note that suspending a user is different from deactivating a user, which removes access to the app and triggers deprovisioning flows (if configured).  

This feature enables Okta admins to better manage the lifecycle of non-employee accounts, such as contractors. Unlike employee accounts whose lifecycles are tightly governed & mastered by an authoritative source such as AD or HR, non-employee accounts generally have fewer controls. Specifically, their onboarding and offboarding processes aren't managed by the same authoritative source(s). Consequently, it's common for non-employee accounts to get created and persist long after they're needed. This feature solves that problem by cutting access on a specific date (e.g. on the last day of the contract). 

User-added image

Disclaimer: Any customer can evaluate this feature during beta. However, when it progresses to Early Access/General Availability, only customers who have bought Universal Directory will be able to use it.

Other Capabilities

 
  • Admins can schedule suspension dates by importing a CSV (useful for batch scheduling)
  • Admins can view upcoming suspensions within the next 30 days
  • The System Log captures event details when 1) a suspension is scheduled and 2) a suspension occurs

Limitations
 
  • Only works on Okta accounts that are not mastered by authoritative sources (AD, LDAP, HR, etc.) 
  • Okta guarantees that the account will be suspended within an hour of the scheduled date/time

I'm in! How do I get started?

Currently, only Okta PREVIEW environments (*.oktapreview.com) are eligible for this feature. If you do not have a preview environment, you can sign up for a free developer tenant at https://www.okta.com/developer/signup/.

To enroll in this program, please sign up here: https://support.okta.com/help/OktaBetaProgramHome
 

Comments

  • Anooj Wahab on February 16, 2018

    When is this expected to be released for general availability?
    A much needed feature for  lifecycle management!

  • Sean Young on December 16, 2017

    This doesn't seem to be an option under the available BETA page. If this isn't available we suggest you update your articles to let us know the status of it. 

    There are a ton of beta features that seem to be in purgatory. 

  • Paul Cartwright on October 26, 2017

    When are you looking to add this for general release? Is there any plans to add some business logic to the automated suspension? i.e.suspend account if not used within x number of days.