Users must install version 1.7.x or higher of Okta Privileged Access client, server agent, and gateway. Okta Privileged Access doesn't provide the option for users to request group membership or for approvers to manage Okta group membership by approving requests. However, Okta Identity Governance customers can manage group membership for groups assigned PAM admin, security admin, or resource admin roles using Okta Privileged Access with Access Requests.
The following are the current maximum limits for various items in Okta Privileged Access:
|Security policies per team
|Rules per policy
|Labels selectors per rule
|Principals per policy. Maximum for user and group entries.
|Resource groups per team
|Projects per team
|Top-level folders team-wide
|50 levels deep
|Secret and folder names
Secrets may not be used to store any unlawful or infringing material, controlled or classified information, or any other data that is not permitted to be entered into the Service by Okta’s Master Subscription Agreement.
Entitlement analysis and discovery
|Cloud connections per team
|Entitlement analysis jobs per team
|IaaS account per entitlements analysis job
|Max number of AWS IAM Identity Center users
Set up Okta Privileged Access
Cloud infrastructure entitlements