Activity Insights - do you have the Okta connector in the roadmap?

We use Okta for SSO and we would love to use the information about usage via the Activity Insights.

We already bring “latest login” data into the account aggregations, but the Activity Insights would help us to connect the dots out of the box.

Thank you!

We’re currently investigating the right path forward when it comes to sources that gather information about other sources behind them such as Okta and SSOs. We call these “indirect sources”. We are investigating which is the right approach for indirect sources as there are pros and cons to different types such as SSO, CASB, SIEM, ITDP, etc.

The challenge with SSO is the data granularity they collect. While our current connectors give us a good amount of information surrounding an identity’s activity throughout the day, SSOs only collect data when someone interacts with the SSO tile. This means that an identity could use a source for weeks at a time without having to use the tile. This would likely require UX changes due to the mismatch in data granularity. There are definite pros such as the number of customers who have Okta/Entra/etc. We’re weighing all of these points.

2 Likes

Makes sense, thanks Patrick for the quick answer!

2 Likes

I think it could provide great insight into who has certain access, but never used it (i.e. never logged in to that app)!
Having that data available would be priceless for starting certifications and adhering to least privilege.
While it’s true that application sessions could stay alive for longer periods of time, that is generally bad practice.
In general, application sessions don’t stay active for long and users log in about once a day to their apps.

2 Likes
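Added example, not part of the thread and not SailPoint or Okta code: a sketch of the "has access but never logged in" check, joining an access list against SSO events. It assumes events shaped like Okta System Log entries (`user.authentication.sso`, `actor.alternateId`, `target` of type `AppInstance`); the sample events, the `ACCESS` list and the 90-day threshold are constructed. Because SSO logs only record tile logins, the result for a missing event is labelled `no_sso_seen` rather than "unused".

```python
import json
from datetime import datetime, timedelta, timezone

# Constructed sample, shaped like Okta System Log events (not real data).
SAMPLE_EVENTS = json.loads("""[
 {"eventType": "user.authentication.sso", "published": "2024-05-30T08:01:00.000Z",
  "outcome": {"result": "SUCCESS"}, "actor": {"alternateId": "Alice@example.com"},
  "target": [{"type": "AppInstance", "displayName": "Salesforce"}]},
 {"eventType": "user.authentication.sso", "published": "2024-05-10T09:00:00.000Z",
  "outcome": {"result": "SUCCESS"}, "actor": {"alternateId": "alice@example.com"},
  "target": [{"type": "AppInstance", "displayName": "Salesforce"}]},
 {"eventType": "user.authentication.sso", "published": "2024-01-05T10:00:00.000Z",
  "outcome": {"result": "SUCCESS"}, "actor": {"alternateId": "bob@example.com"},
  "target": [{"type": "AppInstance", "displayName": "Jira"}]},
 {"eventType": "user.authentication.sso", "published": "2024-05-29T10:00:00.000Z",
  "outcome": {"result": "FAILURE"}, "actor": {"alternateId": "carol@example.com"},
  "target": [{"type": "AppInstance", "displayName": "Salesforce"}]}
]""")
# Constructed (identity, application) access pairs, e.g. from account aggregation.
ACCESS = [("alice@example.com", "Salesforce"), ("bob@example.com", "Jira"),
          ("carol@example.com", "Salesforce"), ("bob@example.com", "Salesforce")]

def parse_ts(value):
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%S.%fZ").replace(tzinfo=timezone.utc)

def last_sso(events):
    """Map (user, app) to the most recent successful SSO timestamp."""
    latest = {}
    for ev in events:
        ok = ev.get("outcome", {}).get("result") == "SUCCESS"
        if ev.get("eventType") != "user.authentication.sso" or not ok:
            continue
        user = ev["actor"]["alternateId"].lower()
        ts = parse_ts(ev["published"])
        for tgt in ev.get("target") or []:
            if tgt.get("type") == "AppInstance":
                key = (user, tgt["displayName"])
                latest[key] = max(ts, latest.get(key, ts))
    return latest

def classify(access, events, now, stale_after=timedelta(days=90)):
    """Label each access pair; 'no_sso_seen' is a review candidate, not proof of non-use."""
    latest = last_sso(events)
    report = {}
    for user, app in access:
        seen = latest.get((user.lower(), app))
        status = "stale" if seen and now - seen > stale_after else "active"
        report[(user, app)] = status if seen else "no_sso_seen"
    return report
```

The `no_sso_seen` and `stale` pairs are the ones a certifier would want surfaced first; how far back the event export reaches bounds what "never" can mean.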

Completely agree that SSO is valuable and we would love that data. At this point in time we’re trying to identify which indirect connector type [SSO/CASB/SIEM/ITDP/etc] is the best to start out with.

You already have DUO in the list. Given that Okta is the most used IDP in the market, should they go next? (Entra is coming close, but you have to pick one, right?) 😉

2 Likes

The Duo connector was developed for its MFA capabilities and to ensure it is being used. Currently, it does not support gathering activity related to other applications/sources.

1 Like

Gotcha. Not trying to be pushy here, but we use Okta for the authentication to most of our apps (SSO & MFA) and even to some on-prem services. Although I understand the data on “granular usage” out of Okta is something you’re still evaluating as part of your indirect connector discovery, I agree with Remi that centralizing the logs on last Okta activity in SailPoint Activity Insights will help us to provide better information to certifiers and admins alike.

Most of our apps are configured to expire sessions after 12h, so Okta becomes the main source to measure usage of our systems, but I understand this might not be the norm across all your customers and you have to build to cover the most common cases first.

Thank you!

1 Like

No worries! Definitely makes sense why Okta is important for your organization considering you use it for both SSO and MFA. We’ll definitely make sure to keep this in mind and realize there may be other organizations similar to y’all’s.

2 Likes