This article describes how to modify the configuration for Protected Actions. Protected Actions add a layer of security by requiring admins to re-authenticate when performing critical tasks in the Admin Console.

• Admin Console

• Protected Actions

NOTE:

• This feature is not available to federated users in Classic Engine orgs. Upgrading to the Okta Identity Engine is highly recommended.
• Admins must allow pop-ups for their org URLs in their browser to use this feature.

Set the Authentication Interval

The authentication interval determines how often authentication is required when admins perform protected actions.

1. In the Admin Console, go to Applications > Applications.

2. Search for and select the Okta Admin Console app.

3. Select the Protected actions tab.

4. Click Edit.

5. In the Authentication required every field, select the desired authentication interval.

6. Click Save configuration.

Select Protected Actions

1. In the Admin Console, go to Applications > Applications.

2. Search for and select the Okta Admin Console app.

3. Select the Protected actions tab.

4. Click Edit.

5. In the Select protected actions section, select the actions to protect.

6. Click Save configuration.

Configure Email Notifications

Okta can send an email notification whenever an admin performs a protected action.

1. In the Admin Console, go to Settings > Account.

2. Go to the Admin email notifications section and click Edit.

3. Select Admin performs a protected action.

4. Click Save.

Related References

• Protected actions in the Admin Console