Get started with Okta Aerial
Limited Early Access release
With Okta Aerial, you can efficiently manage multiple orgs from a single, centralized account.
Key terms
|
Term |
Description |
|---|---|
| Aerial account | The management layer around multiple orgs within Okta. The Aerial account lives outside of your orgs and can manage any production or preview org linked to the Aerial account. Each Aerial account has a dedicated Aerial org. |
| Aerial org | Used to add Aerial owners and to create app sign-in policies for the Aerial Console. It's also used to register API clients and acts as an authorized server for all API calls that are made in the associated Aerial account. The Aerial org contains all System Log events that are associated with Okta Aerial actions. |
|
Aerial Console |
Used to view and manage orgs. You can access the Aerial Console from your Aerial org. |
|
Associated org |
All Production and Preview orgs that are related to your Okta contract. The list of associated orgs is displayed in the Okta Aerial Console. |
|
Managed org |
An org that's managed by Okta Aerial. A super admin must grant consent in the Admin Console or through the Aerial consent API, and an Aerial owner must add the org to Aerial for the org to be managed. See Grant consent to Okta Aerial. |
|
Aerial Console owner |
An admin with super admin privileges in your Aerial org. |
Before you begin
Ensure that you meet these requirements:
-
You have an active Okta Aerial account.
-
You have super admin privileges for your Aerial org.
Sign in to Aerial org
Each Aerial account has a dedicated Aerial org. This org is separate from your other Okta orgs and is where you can access the Aerial Console. Sign in to your Aerial org's Admin Console to manage users and app sign-in policies.
Create an app sign-in policy
Multifactor authentication is required to access the Aerial Console.
See App sign-in policies.
Set up Aerial account owners
Aerial account owners are admins who have super admin privileges in your Aerial org. Only Aerial account owners can access the Aerial Console. To set up an Aerial account owner you must add the user to the Aerial org and grant them super admin privileges.
-
In your Aerial org's Admin Console, go to .
- Click Add Person.
- Complete the fields and click Save.
- From the People page, select the new user and go to the user's profile page.
-
Go to the Admin Roles tab.
-
Click Add admin assignment.
-
Select Super Administrator from the list of available roles.
-
Click Save changes.
New users receive an email invitation to set up their account.