<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D50Z00008G7VRKSA3Okta Classic EngineLifecycle ManagementAnswered2024-04-16T10:58:39.000Z2018-08-01T01:19:01.000Z2018-08-01T16:33:40.000Z

pkuhy (pkuhy) asked a question.

August 1, 2018 at 1:19 AM
Does the Okta ILM have the ability to assign roles and permissions within apps, or is it restricted to just creating the account.
Does the Okta ILM have the ability to assign roles and permissions within apps, or is it restricted to just creating the account.
  • 2 answers
  • 718 views

  • chris.hancock1.4756186399413728E12 (Okta, Inc.)

    Hi,

     

    Okta does have the ability to manage the permissions and roles for certain applications. For those with advanced provisioning features you will have the ability to assign roles that are configured within the target application. These can include applications such as SalesForce, ServiceNow, AWS etc. 

     

    Some applications may also allow this type of capbility through SAML 2.0 whereby you send through the groups the user is a member of in Okta, these can be filtered based. These values are then sent within the SAML assertion and these will be match those in the 3rd party application which will be updated accordingly. This typically occurs on each login and will allow users to always have the correct permissions based on their group memeberships in Okta. 

     

    To verify if the application you are looking to have this capability you can for these in the application network and confirm if it provides provisioning, if it does you can add these and verify if they provide those options within the provisioning settings of the app. Alternatively if the app in question does not exist you may contact the 3rd party to verify if they allow SAML authentication and profile updates via groups etc.

     

    If the above does not address your question please feel free to log a support ticket and we can discuss this over the phone to better address your query. 

     

    Thank You, 

    Chris
    Expand Post

  • mike.davie1.5312945692819849E12 (Customer First Programs)

    Hello,

    Thank you for posting your question into the Okta Community Portal! 😀

     

    If you receive a great answer to your question(s), help the community find it by marking it the best answer. Hover over the answer and click "Best Answer." 

     

    Thanks for participating in the Okta Community.  👍

     

    Mike Davie

    Okta Help Center Team
    Expand Post
This question is closed.
Loading
Does the Okta ILM have the ability to assign roles and permissions within apps, or is it restricted to just creating the account.