Okta Terminology Flashcards
What is the Okta Agent
A software agent is a lightweight program that runs as a service outside of Okta. It is typically installed behind a firewall and allows Okta to tunnel communication between an on-premises service and Okta’s cloud service.
Okta employs several agent types: Active Directory, LDAP, RADIUS, RSA, Active Directory Password Sync, and IWA. For example, users can install multiple Active Directory agents to ensure that the integration is robust and highly available across geographic locations.
Downstream app
In the context of Okta provisioning, a downstream app is one that is receiving data from Okta.
What is IdP
An acronym for Identity Provider. It is a service that manages end user accounts analogous to user directories such as LDAP and Active Directory, and can send SAML responses to SPs to authenticate end users. Within this scenario, the IdP is Okta.
What is OIN
An acronym for the Okta Integration Network. The OIN is comprised of thousands of public, pre-integrated business and consumer applications. As an on-demand service, OIN integrations are continuously validated, always up to date, and constantly growing both in number and capability. Okta performs a single integration with an ISV or SP, providing thousands of end users with point-and-click customization for their orgs.
What is ONM
OMM
An acronym for Okta Mobility Management. OMM enables you to manage your users’ mobile devices, applications, and data. Your users enroll in the service and can then download and use managed apps from the Apps Store. Managed apps are typically work-related, such as Box or Expensify. As an administrator, you can remove managed apps and associated data from users’ devices at any time. You can configure policies, such as data sharing controls, on any of your managed apps.
What is Okta Verified
Each app found in the Okta Applications page has either an Okta Verified, Community Created, or Community Verified designation. Okta Verified indicates that the app was created either from the OIN or by Okta community users, then tested and verified by Okta.
What are OU
An acronym of Organizational Unit. Organizational units are Active Directory containers into which you can place users, groups, computers, and other organizational units. It is the smallest scope or unit to which you can assign Group Policy settings or delegate administrative authority.
Partner-Built Provisioning
The provisioning integration of some OIN apps are built by a partner, typically the ISV of the integrated product/service. This means that the partner decided what specific integration features to include and wrote the documentation. The integration was then Okta Verified through a rigorous review process.
What is Profile Master
A profile master is an application (a directory service like Active Directory or an HR management software such as Workday) that can act as the “source of truth” for user identities. If more than one profile master exists on the Profile Masters page, they can be prioritized so that end users can be mastered by different systems, based on their assignments. There can only be one profile master that masters a user’s entire profile.
What is Attribute Level Mastering
When users are mastered by attribute, we call this attribute-level mastery (ALM). ALM delivers finer grain control over how profiles are mastered by allowing admins to specify different profile masters for individual attributes. Profile mastering only applies to Okta user profiles, not app user profiles. For more details, see Attribute Level Mastering.
What is SSO
SSO
An acronym for single sign-on. In a SSO system, a user logs in once to the system and can access multiple systems without being prompted to sign in for each one. Okta is a cloud-based SSO platform that allows users to enter one name and password to access multiple applications. Users can access all of their web applications, both behind the firewall and in the cloud, with a single sign in. Okta provides a seamless experience across PCs, laptops, tablets, and smartphones.
What is SWA
An acronym for Secure Web Authentication. SWA is a SSO system developed by Okta to provide single sign-on for apps that don’t support proprietary federated sign-on methods or SAML. Users can enter their credentials for these apps on their homepage. These credentials are stored such that users can access their apps without entering their credentials each time. When users first sign-in to a SWA app from their homepage, they see a pop-up message asking if they were able to sign-in successfully.