Any ... <answer_goes_here>'s credentials verified under "Test API credentials" in an Office365 app integration can allow Okta API integration with Office 365 - permissions which once successfully granted will be used by Okta used for Provisioning related tasks
Any ... <answer_goes_here>'s credentials verified under "Test API credentials" in an Office365 app integration can allow Okta API integration with Office 365 - permissions which once successfully granted will be used by Okta used for Provisioning related tasks Solution: Office 365 Global AdministratorA . YesB . NoView AnswerAnswer: A
As an Okta best-practice / recommendation: Okta encourages you to switch from Integrated Windows Authentication (IWA or DSSO) to agentless Desktop Single Sign-on (ADSSO). Okta is no longer adding new IWA functionality and offers only limited support and bug fixes.
As an Okta best-practice / recommendation: Okta encourages you to switch from Integrated Windows Authentication (IWA or DSSO) to agentless Desktop Single Sign-on (ADSSO). Okta is no longer adding new IWA functionality and offers only limited support and bug fixes. Solution: Only the first statement is trueA . YesB ....
The SCIM protocol is <response_is_entered_here> for provisioning and managing identity data on the web.
The SCIM protocol is <response_is_entered_here> for provisioning and managing identity data on the web. Solution: An application-level TLS protocolA . YesB . NoView AnswerAnswer: B
In order for SAML to work, there is a need of an IDP and an SP and we know that already, but why is it so? Because:
In order for SAML to work, there is a need of an IDP and an SP and we know that already, but why is it so? Because: Solution: An SP sends SAML assertions, while the IDP receives and validates themA . YesB . NoView AnswerAnswer: B
On a Windows machine, which is the right behavior if you try to sign into your Okta org and agentless DSSO is properly configured for it?
On a Windows machine, which is the right behavior if you try to sign into your Okta org and agentless DSSO is properly configured for it? Solution: You will be automatically redirected to your Load-Balancing Application, if you have one configured, enter credentials for it and then redirected back to...
Okta has a json representation of objects such as 'users', json schema interchanged on API calls, as an example, but what about the format of information regarding of a user going to a SCIM server for creating the user in an On Premises application?
Okta has a json representation of objects such as 'users', json schema interchanged on API calls, as an example, but what about the format of information regarding of a user going to a SCIM server for creating the user in an On Premises application? Solution: Format is different: xmlA ....
When a user's Okta password is changed:
When a user's Okta password is changed: Solution: All apps that are Provisioning-enabled and have Sync Password option active under Provisioning settings - will begin to sync the password in respective apps, but only if JIT Provisioning is enabled as well as it has to be a just-in-time action, the...
In an SP-initiated SAML 2.0 flow, the SP will never redirect to Okta if the session is already active
In an SP-initiated SAML 2.0 flow, the SP will never redirect to Okta if the session is already active Solution: It will always redirect to Okta and in this case only - will promt the user for re-authentication by manually entering Okta credentialsA . YesB . NoView AnswerAnswer: B
When a user signs out of Okta, if they are using IWA, they'll be redirected to the Sign In page and without inputting credentials they'll be signed back in
When a user signs out of Okta, if they are using IWA, they'll be redirected to the Sign In page and without inputting credentials they'll be signed back in Solution: Statement is false, as this would represent a security concernA . YesB . NoView AnswerAnswer: B
There might be specific AD attributes, which - apart from others - do not appear in the Okta user profile. Can those extra attributes be mapped and provisioned towards an app?
There might be specific AD attributes, which - apart from others - do not appear in the Okta user profile. Can those extra attributes be mapped and provisioned towards an app? Solution: No, it is not possible as Okta queries the whole AD schema and retrieves everything that it's able...