If an unusual number of appAn abbreviation of application. Essentially, it is a web-based site used to perform any number of specific tasks, and requires authentication from end users by signing in. unassignments occurs during an import, Okta triggers an alert to warn against the unintended deprovisioning of a large number of apps from users within an orgThe Okta container that represents a real-world organization.. The Import Safeguard feature stops the import and suspends subsequent imports.
Note: For the Import Safeguard feature to be triggered, an org must contain a minimum 100 app assignments.
When triggered, the following message appears on the Okta Dashboard.
If the app unassignment was expected
If these app unassignments were intentional, you can simply resume the import by clicking Resume All Imports. You can also view the event in the system log and, if you feel the current setting caused the unnecessary alert, adjust the threshold of allowed app unassignments. For details, see Increase the App Threshold below.
If the app unassignment was not expected
If the number of unassignments was not intentional, clicking Cancel the Affected Import and Resume Other Imports allows you to arrest imports from the offending app and resume other imports. Okta recommends viewing the event in the system logs and, if the issue remains unexplained, call Okta customer support.
Note: Import Safeguard is triggered by the number of unassignments imported into Okta. Deactivated users are counted among these unassignments, regardless of lifecycle state that you set upon import.
If you click the app assignment removal limit link, the following modal appears. It allows you to define a percentage of acceptable app unassignments before Import Safeguard is automatically triggered.
Note: This rate can also be changed from the ProvisioningProvisioning is the enterprise-wide configuration, deployment, and management of multiple types of IT system resources. Specifically, provisioning provides users access to equipment, software, or services. This involves creating, maintaining and deactivating required business process automation objects and attributes in systems, directories, and applications. tab during the app provisioning process.Top