This article addresses common errors encountered when attempting to add a new Super Administrator in Okta, specifically:
- This is a protected action. Please perform step-up authentication.
- You don’t have access to this resource. Please try again or contact your admin.
These errors often occur due to browser settings interfering with Multi-Factor Authentication (MFA) step-up prompts.
- Okta Administrators
- Okta Admin Console
- Adding users with Super Administrator privileges
- Okta Identity Engine
When attempting protected actions like adding a Super Administrator, Okta requires a step-up authentication via an MFA prompt, which typically appears as a pop-up. If the web browser is blocking pop-ups, or if the browser is outdated or experiencing cached issues, the MFA prompt cannot display, leading to the Protected Action or Access Denied errors.
To resolve this issue, perform the following steps:
- Try a Different Browser
-
- Attempt to complete the action from an entirely different web browser (for example, if Chrome is used, try Safari or Firefox).
- Check Browser Pop-up Settings
-
- Ensure that the current browser is configured to allow pop-ups for the Okta Admin Console URL.
- Temporarily disable any pop-up blocker extensions or built-in browser pop-up blockers, then retry the action.
- Update the Browser
-
- Ensure the web browser is fully updated to its latest version.
- Clear Browser Cache and Cookies
-
- Clear the browser's cache and cookies, then restart the browser and try again.
By ensuring the browser allows pop-ups and is in an optimal state, the MFA step-up authentication can proceed correctly, allowing the Super Administrator to be added.
