Configure policies for Access requests apps
Access Requests includes the following Okta apps.
-
Okta Access Requests: This app is automatically assigned to super admins. It controls which super admins can be assigned to a request. You can assign it to approvers if you want to assign them tasks, and to end users if you want them to see the Request Access button. This is the only app visible on the Okta dashboard.
Check that the admins were assigned the Okta Access Requests app. If the app wasn't assigned automatically or the user was unassigned, you must assign the app to the user to avoid errors.
-
Okta Access Requests OAuth: This app is automatically assigned to super admins. It's only used for running workflows in a request. You don't need to assign it to any users.
-
Okta Access Requests Admin: This app is automatically assigned to super admins. You can assign it to any admins who need to manage Access Request Conditions.
-
Okta Identity Governance: This app is automatically assigned to all users. Nothing is made available by default, and no app management is required.
Existing super admins get these apps automatically when you enable the feature. If you add super admins later, you need to manually assign the apps to them.
Configure policies for your apps
-
Modify the existing app sign-on policy for the Okta Access Requests Admin app so that all rules match those of the Okta Admin Console app. You can also require MFA to access this app. See Enable MFA for the Admin Console.
-
Modify the existing app sign-on policy for the Okta Identity Governance app so that all rules match those of the Okta Dashboard app.