You can also assign custom roles to users who have standard roles assigned. You can continue using the pre-existing roles and your existing assignments remain the same. The standard role functionality is the same as earlier but the UI is different. Your pre-existing roles are referred to as “standard roles”. The Administrators page has been updated with a new, more intuitive interface for managing roles and permissions. Grant autonomy to different business units for self-management.
The Custom Administrator Roles feature allows super admins to:Ĭreate admin assignments with granular roles, which include specific user, group, and application permissions.Ĭonstrain these admin assignments to resource sets.ĭecentralize the span of access that any one admin has. The standard admin roles available today don’t always meet all the granular delegated administration requirements, which may result in admins having either more or less permissions than they need. Clients also have the ability to use access tokens minted by their own custom authorization servers to guarantee that Okta is calling their client web services and it isn't triggered by any external actors. Using the OAuth 2.0 framework provides better security than Basic Authentication, and is less work than setting up an IP allowlisting solution. A new Key Management API and Admin Console page is also available to create public/private key pairs for use with OAuth 2.0 inline hooks. When creating inline hooks in the Admin Console (or by API), administrators or developers can now select OAuth 2.0 authentication and choose between two methods of OAuth 2.0: Client Secret or Private Key. Tokens ensure secure calls to external web services. To improve the security of inline hooks, Okta now supports authentication with OAuth 2.0 access tokens. Although sent with SSL, the header or custom header authentication didn’t meet more stringent security requirements for various clients and industries. Okta inline hook calls to third-party external web services previously provided only header-based authentication for security. OAuth 2.0 authentication for inline hooks
0 kommentar(er)
