Org-level security
Org security settings allow you to manage and control how your org is protected. By configuring administrator permissions, completing HealthInsight tasks, and defining network zones, your org remains secure and accessible to the right users.
- Identity Threat Protection with Okta AI
- Set up continuous identity threat assessment and response to protect your organization from identity-based attacks.
- Administrators
- Set up administrator permissions to provide better control on how your org is managed.
- General security
- Configure global security settings such as security notification emails and user enumeration prevention.
- HealthInsight
- Review a checklist of your organization's security settings and take action to secure your org.
- Network zones
- Define security perimeters to restrict or limit access to your org.
- Risk scoring
- Configure sign-on policies to use a risk engine that helps identify anomalous sign-in activity.
- Okta ThreatInsight
- Allow Okta to detect suspicious users who attempt credential-based attacks.
- Behavior Detection and evaluation
- Configure sign-on policies to prompt users for MFA based on their sign-in activity.
- Telephony
- Configure SMS text messages and voice calls for device enrollment, multifactor authentication, account recovery, and password resets to comply with the laws and regulations where your organization operates.
- API access management
- Build custom authorization servers in Okta that can be used to protect your own API Endpoints.
- Manage Okta API tokens
- Manage Okta API tokens and add origin URLs. See Okta Developer for more details.
- Allow access to Okta IP addresses
- Allow access to select IP addresses and applications so they aren't blocked by your network.
- Mitigate the impact of third-party cookie deprecation
- Ensure that your browser allows cookies from your Okta org domain.