Control access to the Okta Browser Plugin

Okta lets you control which users can access your org's Okta Browser Plugin.

Admin roles for this task

  • You must have super admin permissions to change access to the Okta Browser Plugin.
  • If you choose to deny access to the Okta Browser Plugin, affected users keep their existing access level until the next time they sign in.

Configure access to the Okta Browser Plugin

You can allow or deny access to the Okta Browser Plugin for groups and specific users.

The rules that you configure to protect access to the Okta Browser Plugin must be the same strength or weaker than those protecting the Okta End-User Dashboard. See Control access to the Okta End-User Dashboard.

  1. In the Admin Console, go to ApplicationsApplications and filter by Active.

  2. Select Okta Browser Plugin.
  3. In the Sign On Policy section, click Add Rule.
  4. In the People section, select the users or groups that this rule applies to:
    • Users assigned to this app: Apply this rule only to users who have been assigned to this app.
    • The following groups and users: Select the specific groups and users that this rule applies to.
      • Exclude the following users and groups from this rule: Select this option and then select the specific groups and users that are excluded from this rule.
  5. In the Location section, select the locations from which you allow access to the Okta Browser Plugin.
    • Anywhere: Allow access from any location.
    • In Zone: Allow access if the admin tries to access the Okta Browser Plugin from specific Network Zones. Select All Zones or click in the field and enter the name of allowed Network Zones.
    • Not in Zone: Block access if the admin tries to access the Okta Browser Plugin from specific Network Zones. Select All Zones or click in the field and enter the name of blocked Network Zones.
  6. In the Client section, select the client platforms that you allow connections from.
  7. In the Actions section, select the conditions for access:
    • When all the conditions above are met, sign on to this app is: select Allowed or Denied from the dropdown menu.
    • Prompt for re-authentication: Enter the amount of time after which the user is prompted to re-enter their password.
    • Prompt for factor: Select how often users are prompted for multifactor authentication.

  8. Click Save.

Related topics

Okta End-User Dashboard (Documentation for end users)

Configure general customization settings