Get started with Security Access Reviews
Early Access release. See Enable self-service features.
As a super admin or a custom admin with the Manage security access reviews (okta.governance.securityAccessReviews.admin.manage) and View users and their details permissions, follow this sequence of configuration tasks to start using security access reviews.
Initial tasks
|
Admin task |
Description |
|---|---|
|
Enable the features |
Enable Access Certifications - Security Access Reviews. Optionally, enable Access Certifications - AI summary for Security Access Reviews. See Security access reviews |
| Launch a security access review | Best practices and steps for launching a security access review. |
| Understand prioritization for security access reviews | Learn how Okta assigns a priority to a review. |
| Understand remediation for security access reviews | Understand how remediation works when a reviewer revokes or restores user access during an active review. Also learn about situations that require manual remediation. |
| Manage Security Access Reviews | View active or closed reviews or close an active review from the Admin Console. |
Reviewer tasks
To understand the steps reviewers do to review user access, see Review access.
Limits
|
Limit |
Maximum |
|---|---|
| Duration for a security access review | 180 days |
| Number of active security access reviews in an org | 500 |
| Number of active security access reviews for a user | 5 |
| Number of users assigned as reviewer for a security access review | 10 |
|
Number of resources (apps, groups, entitlements, bundles) in a review |
100,000 |
Limitations
-
You can only assign users as reviewers for a security access review.
-
Governance delegates aren't supported for reviewers assigned to a security access review.
-
Security access reviews don't support resource owners even if the Resource Owners feature is enabled for your org.