Okta service accounts

Early Access release

Use Okta Privileged Access to manage and secure your Okta user accounts that are managed as service accounts. Discover and bring these accounts from Okta Universal Directory into Okta Privileged Access management, so you can control who gets access to these accounts and when.

View checked-out accounts

Resource admins can view which accounts are currently checked out and by who. If required, they can force a check-in on any accounts. See Checkout.

Configure project settings

Configure the setting to adjust password complexity, enable password rotation schedule, and enable checkout.

  1. On the Okta Privileged Access dashboard, go to Resource Administration Resource Management

  2. Select the resource group that contains the project you want to configure.

  3. Click a project that you want to configure.

  4. Go to the Settings tab.

  5. Click Edit.

    Action Task

    Password complexity

    1. Enter the minimum and maximum characters that you want to enforce.

    2. Under Password includes, select one or more options to include in the password.

    3. Select the checkbox under Advanced settings to require at least 1 character from each set.

    4. Click Save.

    Schedule password rotation

    Select Schedule password rotation for checkbox, and then complete the following:

    1. Select one of the following:

      • All accounts that support rotation

      • All accounts except. If you select this option, click the dropdown and select one or more accounts to be excluded from password rotation.

      • Only these accounts. If you select this option, click the dropdown and select one or more accounts to be included from password rotation.

    2. Enter Quantity, and then select the Unit to set the frequency for password rotation.

    3. Click Save.

    Checkout

    Only Okta Privileged Access security admins can configure this setting.

    Select Enable checkout for checkbox, and then complete the following:

    1. Select one of the following:
      • All accounts that support checkout

      • All accounts except. If you select this option, click the dropdown and select one or more accounts to be excluded from checkout.

      • Only these accounts. If you select this option, click the dropdown and select one or more accounts where checkout will be enabled.

    2. Enter Quantity, and then select the Unit to set the maximum checkout time.

    3. Click Save.

Related topics

Manage service accounts

Projects