We are delighted to share our new EIC Delivery Methodology for efficiently managing Saviynt Implementations and delivering quick time to value. CLICK HERE.

PAMenabled Okta endpoint not visible in privilege request page

Manju_v
New Contributor
New Contributor

Hi Team, 

Have configure Credential, Credentialless usecase for Okta.  Endpoint is not visible under privilege request page >> Okta.
Have taken care of the configuration. Endpoint is pam enabled. Accounts are pamenabled. After we run deltasync job after updating one of the other attibutes. Endpoint is not available in Okta pam request page. 

Endpoint access query is updated in endpoint. In other attributes able to find Custom Property 43 =  PAMDefaultUserAccountAccessControl.

created role mentioned in pamconfig and added users to the role. 

Manju_v_0-1702456731834.pngManju_v_1-1702456751597.png

Manju_v_2-1702456782757.png

updated apptype key in endpoint properties as per applicationtype table entry

The Okta endpoint pam enabled and Okta accounts are pam enabled. Okta endpoint is not visible on the privilege request page. 

As per documentation, OKTA__APPLICATION_SECURITYSYSTEM  should be created automatically. OKTA_APPLICATION_SECURITYSYTEM FOR Okta is not getting created.  Okta has imported accounts into the Security system and endpoint manually created. 

Any input is appreciated. 

Thanks, 
Manju

[This message has been edited by moderator to merge reply comments]

4 REPLIES 4

NageshK
Saviynt Employee
Saviynt Employee

@Manju_v Thanks for posting your question. Few things to verify:

  1. Have you added users to the usergroup? If yes, was it after you ran the delta sync or before?
  2. Is the delta sync job status showing success? And in job details do you see the expected number of endpoints synced?

Thanks

Nagesh K

Hi Nagesh, 

Thanks for the inputs, I have created usergroup.  Delta sync job is having error have opened support ticket (Saviynt Ticket INC-2012625). 
Below is the error for your reference. 

Manju_v_0-1703047498312.png

Thanks, 
Manju

 



sk
All-Star
All-Star

@Manju_v :

  • Does the respective security system has password policy associated(Policy Rule Service Account)?
  • Do you have Emergency Access ID Request Workflow and Emergency Access ID Access Request Workflow configured on the respective security system?
  • Do you have any access query configured for respective endpoint?

Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

Manju_v
New Contributor
New Contributor

@NageshK,

For OKTA, remoteapp will be configured by default.  Customer is not using default OKTA URL, they have a specific URL  mysiXXXFe.oktapreview.com.  Is there any changes required on remote app configuration side?

Thanks, 
Manju