When end users attempt to access the Okta Dashboard, Okta generates an access denied error. This occurs because the Authentication Policy for the Okta Dashboard application restricts access for the affected users. Administrators must sign in to the Admin Console and modify the Authentication Policy to restore access.
You are not allowed to access this app. To request access, contact an admin.
- Okta Identity Engine (OIE)
- Authentication Policies
- Okta Dashboard
The Authentication Policy for the Okta Dashboard application denies access to the affected users.
How do administrators access the Admin Console during a sign-in error?
Administrators bypass the end-user dashboard error and access the Admin Console directly by navigating to the admin-specific URL. Access the Admin Console using one of the following URLs, replacing <subdomain> with the specific Okta tenant name.
- https://<subdomain>-admin.okta.com
- https://<subdomain>-admin.oktapreview.com
How do administrators modify the Authentication Policy to allow access?
Modify the Authentication Policy for the Okta Dashboard application to allow access for the affected users by choosing one of the following three options.
- Option 1: Edit the default Catch-all Rule and enable Allowed after successful authentication.
- Option 2: Add a new rule to the existing policy to explicitly allow access for the affected users.
- Option 3: Assign a different, properly configured policy to the Okta Dashboard application. Navigate to Applications > Applications, select the Okta Dashboard application, and navigate to the Sign On tab. Under User authentication, select Edit, choose the new policy, and select Save.
