Group ownership
This feature is available only if you're subscribed to Okta Identity Governance.
The group ownership feature lets you assign up to 10 Okta users as owners of a group. Group owners can approve request types for Access Requests and serve as Access Certifications campaign reviewers.
You can configure group owners in Okta or import them from Active Directory, as long as they have a standard admin role or group management permissions. There are multiple benefits of using group ownership with Okta Identity Governance:
-
If the group ownership changes, you don't have to make individual user updates.
-
Group owners have no default permissions, which means that you can assign group ownership to a user without making them an admin. If you want them to perform admin actions like adding and removing users or changing the group name, you can assign them an appropriate Okta admin role.
-
You don't have to send multiple request types to owners of different groups. Create a single request type and Okta automatically sends it to the appropriate group owner for approval. See Create a request type.