This article outlines best practices for administering Integrator Orgs. It addresses the limitations regarding access recovery for free organizations and details strategies to prevent administrative account lockouts.
- Integrator Free Plan Organization
- Okta Administration
- Multi-Factor Authentication (MFA)
- Lockout
- Okta Identity Engine
Support cannot assist with access recovery for Okta Integrator Free Plan Orgs due to security protocols.
The following best practices are recommended to manage access and prevent lockout scenarios. Implement the following configurations to prevent loss of access:
-
Create additional administrator users
Ensure multiple users have administrative privileges to assist with access issues.
-
Create a Service App
Configure a Service App with user and policy management permissions. This app can assist in recovering admin accounts by resetting factors or updating enrollment policies.
-
Enable additional authenticators
Enroll multiple authenticators (for example, WebAuthn or Google Authenticator) for all administrators. This ensures that losing access to a single authenticator does not result in a lockout.
If access to an Integrator Free Plan-related Org is lost, a new tenant must be created. Refer to Recovery Steps in Case of Integrator Free Plan Org Admin Account Lockout Post MFA Enforcement for additional context.
