Enable checkout

Security admins can define which accounts have checkout enabled and set the maximum checkout time. They can also override the max checkout time when creating a policy and force a checkin on one or many accounts during a threat detection.

Before you begin

  • A resource group is already created.

  • You must have the Okta Privileged Access security admin role.

  • The account is added to Privileged Accounts in the Project Settings.

  • Review Requirements and limitations.

Start the task

Limit access to shared accounts for a single user and control the maximum amount of time that they're allowed to access the resources.

  1. Open the Okta Privileged Access dashboard.

  2. Click Resource Management.

  3. Select the resource group that contains the project you want to configure.

  4. Select an available project.

  5. Click the dropdown menu, and then select a Resource type.

  6. Go to the Settings tab.

  7. Click Edit on Checkout Settings.

  8. Select Enable Checkout for, and then complete the following steps:

    1. Select one of the following options:

      • Include managed resources

      • Exclude resources

      • Include resources

    2. If you click Exclude resources, select the resources you want to exclude.

    3. If you click Include resources, select the resources you want to include.

    4. Select the maximum checkout time. By default the checkout time is set to 30 minutes.

  9. Click Save.

Related topics

Checkout

Force a checkin