Get started with resource collections
Early Access release. See Enable self-service features.
A resource collection is a set of apps and entitlements. Admins can directly assign resource collections to users. They can also create access request conditions that allow users to request access to collections through the End-User Dashboard.
Before you begin
- Sign in as a super admin or an admin with the following permissions:
- Manage applications
- Manage collections
- Edit application's user assignments
- Edit groups' application assignments or Edit users' application assignments
- Ensure that you're assigned to the Okta Entitlement Management, Okta Access Requests, and Okta Access Requests Admin apps.
See Custom admin roles and Role permissions.
Setup and maintenance tasks
Initial setup tasks
As a super admin or a user with the appropriate permissions and app assignments, follow this sequence of tasks to create and configure resource collections.
|
Admin task |
Description |
|---|---|
| Create a resource collection | Create a resource collection. |
| Manage resource collection apps | Set which apps are included in a resource collection and their selected entitlements. |
| Access request conditions | Understand how access request conditions can streamline the task of requesting and granting access to a resource collection. |
| Create an access request condition for a resource collection | Define which users can request access to a collection, how long should they have access for, and who should approve their access request. |
| Enable a condition | Enable your access request condition, making it active. Enabling a condition allows users to request access to a collection from their End-User Dashboard. |
| Past Access Requests (Conditions) report | View who has requested access to resources and related data points, including whether access was granted and by whom. You can set the Access Scope Type filter value as Collection. |
| Manage resource collection assignments | Assign collections to users, unassign them from users, and set when a user's access to a collection ends. |
| Manage resource collections | Edit the names and descriptions of resource collections, and delete unnecessary collections. |
| Campaigns | Understand the Access Certifications campaign types to ensure that your users have the right level of access to resources like apps, groups, and collections. |
| Customizable reviewer context | Customize your campaigns to include information about resource collections that enables reviewers to make informed decisions. |
| Understand remediation | Learn more about how Access Certifications remediates user access based on a reviewer's decision and the method used to assign access to the user. You must manually remediate access to resource collections. |
User experience
Learn about the tasks that users perform.
|
User task |
Description |
|---|---|
| Create requests | Understand how your requesters can request access to a collection directly from their dashboard after conditions are enabled for a collection. |
| Manage requests | Understand how request assignees can manage access requests for a resource collection. |
| Manage tasks | Understand how request approvers can approve or deny requests. |
| Review campaigns | Understand how reviewers can review the items assigned to them. |
Limits
The following table lists the limits that apply to resource collections.
| Limit | Maximum |
|---|---|
| Resource collections in an org | 500 |
| Apps in a collection | 25 |
| Number of entitlement values that can be added per app in a collection | 100 |
| Number of users that can be assigned to a collection | no limit |
Existing limits also apply for Access Certifications and Access Requests.