Servers

Server resources live within projects in a resource group. You can extend secure privileged access to users, automate lifecycle management for server accounts, and eliminate the need for credential management.

View checked-out accounts

Resource admins can view which accounts are currently checked out and by who. If required, they can force a check-in on any accounts. See Checkout.

Configure project settings

Configure the setting to adjust password complexity, enable password rotation schedule, and enable checkout.

  1. On the Okta Privileged Access dashboard, go to Resource Administration Resource Management

  2. Select the resource group that contains the project you want to configure.

  3. Click the project that you want to configure.

  4. Go to the Settings tab.

  5. Click Edit.

    Action Task

    Project name

    Enter a project name

    Enrollment token
    1. Click view to see the available enrollment tokens. An enrollment token is used to enroll a server agent into an Okta Privileged Access project. See Server Enrollment.
    2. To create an enrollment token, click Create Enrollment Token.

    Account discovery

    (optional)

    Click the toggle to enable it. Once enabled, local accounts are discovered on all servers.

    Password settings

    (optional)

    Passwords are securely stored in an Okta Privileged Access vault. Account discovery must be turned on to configure password settings.

    1. Type a name to specify which account you want to apply these password rules.
    2. Set the condition for password rotation.
    3. Set the password complexity.

    SSH configuration

    (optional)

    Select a public key signature algorithm for authentication keys.

    By default, projects use the ssh-ed25519 algorithm, but admins can configure the project to use the ssh-rsa to support legacy servers. The ssh-rsa algorithm is considered insecure.

    Gateway selector

    Specify one or more gateway selectors, where each selector is a key-value pair (for example, environment:staging). See Okta Privileged Access gateways.
    Account lifecycle

    Click the toggle to enable persistent principal accounts. See Persistent account for details.

    You must install version 1.74.4 or higher of Okta Privileged Access client, gateway, and server agent to use this feature.

  6. Click Save.

Related topics

Projects