Third-party administrators

Third-party admins perform some administrative actions, but they can’t:

  • Receive Okta admin email notifications

  • Contact Okta Support

  • Log into the Okta Help Center

Third-party admin scenarios

Some organizations need to set up administrator roles in Okta for individuals who perform admin functions but are not direct employees of their organization. The parent organization may even create a custom portal for administrator functions, so that third-party admins do not even see the Okta interface.

Consider the following scenarios:

  • An org's support team outsources its services to a third party. This third party manages user needs on behalf of the org but does not actually see the Okta user interface.
  • An org uses a Business to Business to Consumer (B2B2C) model. A "hub-and-spoke" is set up with end customers (external users) created as admins so they can run their own Okta org. The org may offer a custom portal created with Okta APIs so these external users aren’t aware that they are admins in Okta.

If the external users in these scenarios are given traditional admin roles in Okta, they will receive default Okta admin emails like customer notifications, admin email alerts, and welcome messages. By giving these users third-party admin permissions, you can prevent them from receiving Okta admin email notifications, or from contacting Okta support.

Related topics

Configure third-party administrators

Standard administrator roles and permissions