More connectors are now supporting Entitlements Management with the Okta Identity Governance solution. See the latest list in Apps with entitlement support. This article details how to set up Zendesk using the new Entitlement Management connector.
The Zendesk connector will discover existing entitlements within the application and make the entitlements available for governing.
The following Provisioning features are supported:
- Import New Users
New users created in the third-party application will be downloaded and turned into new AppUser objects for matching against existing OKTA users. - Import Profile Updates
- Import User Schema
- Push New Users
New users created through OKTA will also be created in the third-party application. - Push Password Updates
Updates made to the user's password through OKTA will be pushed to the third-party application. - Push Profile Updates
Updates made to the user's profile through OKTA will be pushed to the third-party application. - Push User Deactivation
Deactivating the user or disabling the user's access to the application through OKTA will deactivate the user in the third-party application. - Reactivate Users
Reactivating the user through Okta will reactivate the user in the 3rd party application. - Push Groups
Push, update, and download user groups.
- Okta Identity Governance with Entitlement Management
To set up Zendesk with Okta Identity Governance with Entitlements:
- Log in to Okta as an Administrator with the Access Certification role or Super Admin.
- Select the application menu.
- Search for and locate the Zendesk application. Follow the instructions provided to set up provisioning with one new step.
- For the traditional Provisioning setup, the Governance Engine must be enabled before Step 1. This step tells the application to ingest entitlements directly into Okta after provisioning is enabled.
NOTE: If the governance engine is not enabled prior to Provisioning setup, Entitlements for Zendesk will not be enabled.
- Next, follow the remaining setup instructions located online.
- It is recommended to assign users to a group to assign users to Zendesk.
- Once completed, locate the newly enabled Governance tab on the Zendesk application.
- Click on Governance, and any visible entitlements within Zendesk will now be visible within the application.
NOTE: The number of Roles and Custom Roles is determined by the organization's licensing and the roles that are created.
Now you are ready to assign entitlements using Policy Rules, Self Service Access Requests using Bundles, or grant entitlements directly in the UI or via API.
Do not forget to visit How to Create a Bundle and Policy Rules.
Happy Governing!
Related References
Training:
Below are other resources that can help with becoming familiar with Okta Identity Governance:
- We share two videos about Access Certification campaigns and Access Request in this article: Okta Identity Governance
- Corporate blog: Okta Identity Governance: A Unified IAM and Governance Solution
- How to Grant Entitlements via API
- Guide on how to use the Okta Identity Governance API’s
Learn about the new capabilities available, Access Requests, Access Certifications, and more in this FAQ: Identity Governance FAQs
Limitations:
