<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D54z0000AIHE2mCQHOkta Identity EngineIdentity GovernanceAnswered2024-12-10T16:38:10.000Z2024-12-09T20:17:48.000Z2024-12-10T16:38:10.000Z

AbhijeetS.70888 (Customer) asked a question.

December 9, 2024 at 8:17 PM
okta disconnected app access review question

Hello we have a disconnected app for which we load users into okta using the CSV application. We have an attribute called roles and would like to manage it as an entitlement in okta. How do we mark/create this as an entitlement so it shows up under governance entitlements?

If thats not possible how can we create an entitlement policy which is based on value of application user attribute instead of the user profile attribute?

This disconneted application does not create any users into okta just to be clear… we want to use it just to certify access for a disconnected app.

  • 3 answers
  • 227 views

  • TimL.58332 (Workflows)

    @AbhijeetS.70888 (Customer)​  -- Based on this you can definitely perform Access Certifications but no mention of Entitlements:

     

    https://support.okta.com/help/s/article/Certifying-Access-for-Disconnected-Application-in-Okta?language=en_US

     

    You should be able to determine if entitlement management can be enabled for the application under the General tab. If it contains the section:

     

    image 

    And allows you to enable the functionality it should provide the new "Governance" tab at the top:

     

    image 

    If not, then I would say it isn't supported with Entitlement Management.

     

     

    Expand Post
    Selected as Best

  • AbhijeetS.70888 (Customer)

    This link is what we tried to follow, but this doesnt work. After creating the role attributes, it doesnt show the role as granted access in the access review. This link looks like outdated after okta put in the new governance, entitlement bundle thing...

  • AbhijeetS.70888 (Customer)

    The app does have governance engine enabled... and we can manually create entitlements underneath... but to load so many it appears we need to build/maintain a complex workflow for entitlment management. A supposedly easy task in other tools, is unusually complex in okta.

This question is closed.
Loading
okta disconnected app access review question