Okta Browser Plugin permissions - Chrome
Okta Browser Plugin requires the following permissions in Chrome:
Why Okta Browser Plugin needs it
To open a new tab when the user:
Clicks on an on the popover. The plugin opens a new tab with the login url and signs the user in.
Wants to login to their dashboard using the admin link on the popover.
Wants to switch between their okta accounts using the account chooser feature.
Because the plugin inherits the session ID and device token cookies from the end-user dashboard, which it uses to make its API calls for . This enables the server to verify the user and make sure the POST requests are coming from a valid plugin user
To inject the content script into
https:// webpages on the internet.
It enables the plugin to:
Detect if the page is a login page of interest.
Detect the okta home page and initialize the plugin to the logged in account
Change password for
Display anti-phishing warnings
To access the
To access the
To store HTML5 -side data.
To hook into the request lifecycle to do various tasks.
To detect whether the plugin is installed on the user's computer.
We use thi spermision to detect when a DOM is loaded. After the DOM is loaded we inject the content scripts into the web page. This is required for the autologin and SWA functionality to work correctly.