Okta ADMIN CONSOLE

0D54z0000AK92JVCQZOkta Classic EngineMulti-Factor AuthenticationAnswered2025-02-28T17:30:29.000Z2025-02-25T16:51:32.000Z2025-02-28T17:30:29.000Z

RajaR.78546 (Customer) asked a question.

February 25, 2025 at 4:51 PM

Okta ADMIN CONSOLE

Hi All,

Can someone please clarify me the below question.

I have configured Azure AD SAML IDP in Okta using JIT.
I have an Azure AD Profile sourced user(Service account with no email box access, its a non human account) assigned to Super Admin Role or Any other role in okta.
When I am SSO by Azure IDP in okta using(Service account), the admin console sign-on policy required for one of the Factor type "Biometric or Possession, Knowledge".
In my case as a Service account user i don't want any factor to access okta using Azure AD SSO.
Reason: To create a API token using Service acc.

Multi-Factor Authentication

EndiP.27305 likes this.

Top Rated Answers

Mihai N. (Okta, Inc.)
a year ago
Hi @RajaR.78546 (Customer) , Thank you for reaching out to the Okta Community!

MFA is mandatory and enforced for the Admin dashboard, so all admin accounts should have MFA enrolled.
More details here.

If my answer helped, remember to mark it as best to increase its visibility for other members of the Okta Community who might have the same questions as you.

Hope my answer helps!

--
The new Okta Help Center YouTube channel is your go-to resource for tips, troubleshooting, and best practice videos. Subscribe today.
Join the Online Discussion for Ask me Anything on March 25, 2025: Identity Threat Protection with Okta AI
Expand Post
Selected as Best

All Answers

Mihai N. (Okta, Inc.)
a year ago
Hi @RajaR.78546 (Customer) , Thank you for reaching out to the Okta Community!

MFA is mandatory and enforced for the Admin dashboard, so all admin accounts should have MFA enrolled.
More details here.

If my answer helped, remember to mark it as best to increase its visibility for other members of the Okta Community who might have the same questions as you.

Hope my answer helps!

--
The new Okta Help Center YouTube channel is your go-to resource for tips, troubleshooting, and best practice videos. Subscribe today.
Join the Online Discussion for Ask me Anything on March 25, 2025: Identity Threat Protection with Okta AI
Expand Post
Selected as Best
RajaR.78546 (Customer)
Edited February 25, 2025 at 11:28 PM
Hi @Mihai N. (Okta, Inc.)

Thanks for the quick response, so how can I create a API token with a name of SVC account? It’s an unmanned account, even if I assigned a custom role with only API access management and Authorization server resources, still need to verify the authentication? apparat from credentials?
Expand Post
- Mihai N. (Okta, Inc.)
  a year ago
  You'll need to log into the Okta Admin Dashboard with the designated account used as a service account to create the token.
  The API token will inherit the permission levels of the admin account that created it.
  
  Regards.
  --
  The new Okta Help Center YouTube channel is your go-to resource for tips, troubleshooting, and best practice videos. Subscribe today.
  Join the Online Discussion for Ask me Anything on March 25, 2025: Identity Threat Protection with Okta AI
  Expand Post
  - RajaR.78546 (Customer)
    Edited February 26, 2025 at 10:29 AM
    Does okta support any unmanned service account profile ? Without any factor enrollment? to access admin console.
    
    i want to create a API token with the name below when I check the system log. serviceokta@xxxx.com
    created by Service Admin
    
    Expand Post
  - Mihai N. (Okta, Inc.)
    a year ago
    Not specifically for generating API tokens, but you can look into implementing a service app via OAuth to interact with the Okta API.
    For details about this, I recommend reaching out to our dedicated Okta Developer forum via devforum.okta.com .
    
    Regards.
    --
    The new Okta Help Center YouTube channel is your go-to resource for tips, troubleshooting, and best practice videos. Subscribe today.
    Join the Online Discussion for Ask me Anything on March 25, 2025: Identity Threat Protection with Okta AI
    Expand Post

This question is closed.

Your Privacy

Your Privacy

Strictly Necessary Cookies

Strictly Necessary Cookies

Functional Cookies

Functional Cookies

Performance Cookies

Performance Cookies

Share or Sell of Personal Data

Share or Sell of Personal Data

Advertising Cookies

Your Privacy

Your Privacy

Strictly Necessary Cookies

Strictly Necessary Cookies

Functional Cookies

Functional Cookies

Performance Cookies

Performance Cookies

Share or Sell of Personal Data

Share or Sell of Personal Data

Advertising Cookies