The built-in Okta Administrators group cannot be used for group rules and will show the following error if attempting to evaluate or save a rule with this group included in the basic condition or advanced expression:
We found some errors. Please review the form and make corrections.
- Lifecycle Management
- Group Rules
Okta creates and automatically maintains a default group for Okta Administrators, similar to the Everyone Group, but includes only Okta Users with one or more admin roles. This built-in Okta Administrators group is intended only to be used for the purposes of assigning sign-on policies.
All Okta admins may see this group, and its existence is not hidden, which is why it may appear when searched by name or queried via the Groups API. For security reasons, membership counts are not displayed for this group.
For this reason, the built-in Okta Administrators group may not be used with group rules or application assignments.
Leverage an alternate group or Okta User attribute for the purposes of group rule evaluation.
Keep in mind that Okta group rules cannot assign users to any group that has an admin role associated.
