Manage user entitlements

You may need to review or edit an individual user’s entitlements if the user’s project assignment changes, they need access to entitlements for a short interval, or they no longer need access to certain entitlements.

Before you begin

  • Sign in as a super admin, an app admin, or an admin with the following permissions:

    • Manage applications

    • Edit application's user assignments

    • Edit groups' application assignments or Edit users' application assignments

  • Ensure that you're assigned to the Okta Entitlement Management application.

  • Check that you've enabled Governance Engine for the app and created entitlements.

  • Ensure that the application is assigned to the user.

Start this task

  1. In the Admin Console, go to ApplicationsApplications.
  2. Select an app.

  3. Go to the Assignments tab.

  1. Open the options menu associated with the user.

  2. Click Edit user entitlements.

  3. Optional. Remove entitlement bundles that the user requested using Access Requests.

  4. Select from one of the following options. The available options vary depending on the existing entitlement assignment method.

    • Revert to policy:

      Reverting to Policy removes all existing entitlements and bundles for the user. The user's entitlements are then governed by policy rules. If the user's profile attributes meet the conditions of policy rules, entitlements are assigned to the user.

      Click Revert to confirm.

    • Customize entitlements:
      1. Select this option to assign individual entitlements to users. When you customize entitlements, the following occurs:

        • All existing entitlement assignments are removed.

        • Policy rules no longer apply to this user. The user can request bundles using Access Requests later.

      2. Choose from the available entitlement values to assign entitlements to the user.

      3. Click Save.

Related topics

Identity Governance Reports