Create a campaign for governing admin roles
Early Access release. See Enable self-service features.
Use the steps listed in the Create campaigns topic to create a resource campaign for reviewing users' admin role assignments.
Considerations for campaigns that govern admin roles:
-
You can only use resource campaigns to review users' admin role assignments
-
On the Resource page, select Applications as the resource type and enable the Review entitlements checkbox. Select Okta Admin Console as the app.
-
The following campaign settings are enabled by default:
-
Disable self-review
-
Require business justification
-
-
To avoid errors at the time of campaign launch, don't assign yourself as a reviewer on the Reviewer page of the campaign creation wizard if your own admin assignments are being reviewed in that campaign.
-
Select reviewers carefully for campaigns that govern admin roles. All reviewers, regardless of whether they're an admin, can approve or revoke access for review items assigned to them. They can do this even if the user whose access they're reviewing is an admin. The remediation happens immediately.
-
Only super admins can reassign review items to another reviewer after the campaign is active.