Okta Privileged Access user guide

If you're an Okta Privileged Access user, your access to privileged resources is based on the groups you belong to and the access granted to the group.

Before you begin

To get started with Okta Privileged Access, you must complete a few tasks. See Get started with Okta Privileged Access.

Access resources

You can view the list of resources you've been granted access to on your dashboard and connect to them through SSH or RDP using your Okta identity.

A Connect button is available on the dashboard for each server, allowing you to connect easily. Access to some servers may require Access Requests approval.

  1. Sign in to your Okta Privileged Access account.
  2. Go to My Privileged Access.
  3. On the server that you want to connect to, click the Actions menu.

  4. Click Connect on the server you want to access.
  5. On the dialog that appears, select an account.
  6. Click Connect. A terminal window or sft UI opens, where you can choose an account to use or be notified of any request approvals.
  7. If a server account requires an approval to access, do the following:
    1. Select an account that you want to use.
    2. Click Request approval. Okta Privileged Access automatically generates an Access Request for you. When your request is approved, you can try to connect again.

Create and manage secrets

When an Okta Privileged Access user is granted access to a secret folder, their level of access may vary based on the assigned permissions. Depending on the permissions, they can perform different tasks within the folder through the user interface or the CLI, such as creating, reading, updating, or deleting secrets and folders.

If the Access Requests condition is enabled in the policy, the users are required to request approval before performing any task. This means that they need to obtain approval before performing specific actions within the secret folder, such as creating a folder or a secret.

The following topics discuss how to create and manage secrets on the user interface. To use CLI commands, see Use the Okta Privileged Access client.

Create a nested folder

  1. In the Okta Privileged Access dashboard, go to My Privileged Access > Secrets.
  2. Open a top-level folder.
  3. Click Create > Create Folder.
  4. Give the folder a name and write a description.
  5. Click Submit.

Create a secret

  1. In the Okta Privileged Access dashboard, go to My Privileged Access > Secrets.
  2. Open a top-level folder.
  3. Click Create > Create Secret.
  4. On the Secret name page, enter the following:
    Field          Task
    Name           Give the secret a name. The name can only contain alphanumeric characters (a-Z, 0–9), hyphens (-), underscores (_), and periods (.).
    Description    Write a description.
    Key name       Write a key name.
    Secret value   Enter the secret value.

    Secret keys in the key-value pairs must be case-sensitive.

  5. Optional. To add another key-value pair, click Add key value.
  6. Click Save secret.

Reveal a secret

Okta Privileged Access users can reveal secrets to view key names and secret values.

  1. In the Okta Privileged Access dashboard, go to My Privileged Access > Secrets.
  2. Open a top-level folder.

  3. Select a nested secret folder.

  4. Click Reveal value.

Delete a secret folder

  1. In the Okta Privileged Access dashboard, go to My Privileged Access > Secrets.
  2. Open a top-level folder.

  3. Select a nested secret folder.

  4. Click Actions, and then select Delete.

  5. Click Delete secret folder.

Delete a secret

  1. In the Okta Privileged Access dashboard, go to My Privileged Access > Secrets.

  2. Open a top-level folder.

  3. Select a nested secret folder.

  4. Click Actions, and then select Delete.

  5. Click Delete secret.

Related topics

Install the Okta Privileged Access client

Enroll the Okta Privileged Access client

SSH setup

RDP setup

Secrets

How sudo command bundles work

Use the Okta Privileged Access client