Manage entitlements
You may need to occasionally review your entitlements setup. If you need to update or revoke user access to an application in bulk, you can edit or delete the entitlement.
Changes to an entitlement impacts all bundles and policy rules where the entitlement is in use. Deleting an entitlement removes it from any entitlement bundles and policy rules that reference it. Users who were assigned the entitlement also lose the permissions provided by the entitlement.
Before you begin
-
Sign in as a super admin, an app admin, or an admin with the following permissions:
-
Manage applications
-
Edit application's user assignments
-
Edit groups' application assignments or Edit users' application assignments
-
-
Ensure that you're assigned to the Okta Entitlement Management application.
Edit entitlements
-
In the Admin Console, go to .
-
Select an application.
-
Go to . You can view the entitlements you’ve created for the application.
-
Select an entitlement and open the Actions dropdown menu.
-
Click Edit.
-
Make the required changes on the Details or Values pages.
-
Click Save entitlement.
The changes impact all bundles and policy rules where the entitlement is in use. If you remove an entitlement value, users may lose access. Removing an entitlement value leaves a bundle or policy rule empty if it was the only entitlement value referenced in an entitlement policy rule or bundle.
Delete entitlements
When you delete an entitlement, it's removed from the application. Users who were granted this entitlement also lose the associated permissions. However, their app assignment isn't affected.
- In the Admin Console, go to .
- Select an application.
-
Go to . You can view the entitlements you’ve created for the application.
-
Select an entitlement and open the Actions dropdown menu.
-
Click Delete and then click Delete entitlement.
-
Optional. To confirm that user entitlements were revoked, check the Events table in the System Log.