Okta Groups for Access Gateway
All Access Gateway applications require one or more groups. These groups are used to grant or deny access to the protected applications resources. You need to define one or more groups representing the sections of your application being protected in your Okta tenant. You may have to create multiple groups where more complex policy is requred.
- You have administrator rights on your Okta tenant and can assign applications to users, and create groups.
You must define one or more groups representing the sections of your application being protected in your Okta tenant. See the Manage application policy guide for information on defining fine-grained access policy. You can also define additional attribute field values required by your application. However, they must be outside the values provided by default.
To define groups within your Okta tenant:
- Sign in to your Okta tenant as an administrator.
- In the Admin Console, go to Directory > Groups.
- Click Add Group.
- Click the name of the newly added group and use the various menu items to add members and manage group membership.
See Users, Groups, and Profiles for more information on user and group management.
- See Access Gateway supported application and version information for details of supported application and version information.
- See Add a generic header application.
- See Add a sample header application.
- See Add a sample policy application.
- See Troubleshoot applications.
- Add or review application essential settings. See About application essentials and Manage application essentials.
- Add application behaviors. See About application behaviors.
- Add fine grained policy to further protect resources. See About application policy and Manage application policy for an overview on user policy and for examples respectively.
- Extend existing policy using custom configuration. See Advanced Access Gateway policy.
- Associate a certificate with this application. See Manage certificates.
- Add supplemental database or LDAP based data stores. See Administer data stores.