Simplify access: Bulk provisioning with Okta Access Requests
Migrating a large number of users can be daunting, but it doesn't have to be. Okta streamlined the process for bulk access requests using two powerful products, Workflows and Access Requests, to get your users up and running quickly while maintaining a secure, governed environment. This is especially helpful when moving from a legacy platform to a modern identity governance solution.
Seamless bulk access with governance
Our primary goal for this process is to enable organizations to handle large-scale access provisioning in an automated and controlled manner. Instead of manually adding users one by one, this approach allows you to initiate bulk access requests for automatic approval, significantly reducing the time and effort required for user migration. This ensures that users get the access they need without delay, all while the system records a formal access request for each user, maintaining a clear audit trail and strong governance.
Automating the process
To make this possible, the approach involves a combination of pre-configuration and automation. We create a temporary, auto-approved access request condition that mirrors your permanent one. The process then uses a workflow to read a list of users and their corresponding access request IDs. The workflow automatically submits an access request on behalf of each user. This ensures that every user is properly provisioned with the correct access while also creating a formal, auditable record.
Behind the scenes
This process requires a few key activities to ensure everything runs smoothly. First, the temporary access request condition is configured with an auto-approval sequence. Next, a list of users and their specific access entry IDs is compiled. Finally, a workflow is used to process this list. The workflow is intentionally throttled to a concurrency of five with a 10-second wait between each request. This is a crucial step that prevents system limitations from causing requests to get stuck.
Efficient and auditable
Okta’s new bulk access process provides significant security value by ensuring that all access is properly requested and logged, even when done in bulk. The use of a temporary, auto-approved condition allows for rapid provisioning during a migration, but it is then disabled, and the standard access request conditions are re-enabled. This ensures that post-migration, all future access requests go through your normal governance policies, maintaining a secure and auditable system.
Explore how you can instantly automate identity tasks and simplify large-scale processes with Okta Workflows, or connect with a Sales expert to start transforming your organization today.
Access more Okta-on-Okta content below:
Transforming onboarding with passwordless security
Our proactive security journey: Adopting Okta Identity Threat Protection
