Okta Groups

This is a placeholder page. Please see the links below for any child pages that exist.


Okta Group Members Management Guide

Overview

Managers can self service add users to Google Groups that are synced to Okta for access to various Okta applications.

If you are listed as an Owner/Provisioner for an application in the tech stack you will be using the method below to add users to a Google group, which will then sync this group to Okta and assign the application to users. This process was created to empower business application owners to effect Access Requests which require Okta application assignment.

Okta Group Nomenclature

Overview

Okta Groups need to follow standardized naming conventions for better discovery, tracking, and automation potential.

Syntax for user-metadata groups

{department_slug}.{functional_team_slug}.{specific_role_if_applicable}

Example: sales.account_exec.amer

Syntax punctuation

  • periods (.) as separators
  • underscores (_) for spaces
  • not using hyphens (-) or camelCase

App assignments groups

app.{system}.{environment}.{role/permission}

Example: app.salesforce.prod.account_exec_emea

App approver group

corpsys.approver.{system}

Example: corpsys.approver.salesforce

App provisioner group

corpsys.provisioner.{system}

Example: corpsys.provisioner.salesforce

Okta Groups Rules

This is a placeholder page. Please see the links below for any child pages that exist.