Control which apps and APIs your users have access to using attribute-based policies enforced through SAML and OAuth protocols
Gartner has predicted that APIs will become the primary attack vector by 2022. Additionally, OWASP has repeatedly flagged the risks associated with APIs in its top 10 list of critical security flaws.
API Access Management
Create fine-grained API authorization policies that combine the OAuth grant type, user group membership, and external data sources.
Flexible context-sensitive authorization policies
API authorization policies
API authorization policies can take into account the OAuth grant type, user group membership, and external data sources.
- Configurable access token and refresh token lifetime and expiration policies
- OAuth client-specific policies to segregate and log customers, users, and applications separately
- Integrate with internal systems to retrieve dynamic data or additional entitlements for downstream applications
Role-based access control to applications
Allow teams to establish, maintain, and audit authorization policies based on group membership and user context without writing code.
Centralized administration and monitoring
Capture real-time access and authorization logs to understand normal access patterns and detect bad actors mid-attack.
Create and customize authorization policies
Administrative dashboard to create authorization servers that generate tokens with custom-defined scopes and claims.
Preview the scopes, claims and values of your OAuth token.
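The following is an added illustration, not Okta's code, of what a fine-grained API authorization policy like the ones described above does at token-issuance time: it combines the OAuth grant type, the user's group membership, and an external data source to decide which scopes and claims a token carries, applies per-client access and refresh token lifetimes, and records every allowed or denied decision in an audit log. The client ids, scopes, groups, and the ENTITLEMENTS lookup are all constructed for the example; the returned claims dict plays the role of the scope-and-claim preview mentioned above.

```python
import time

# Constructed per-client policy table (stands in for configuration created in an
# administrative console; client ids, scopes and lifetimes are illustrative).
POLICIES = {
    "mobile-app": {
        "allowed_grants": {"authorization_code", "refresh_token"},
        # scope -> groups allowed to hold it; an empty set means any caller of this client
        "scope_rules": {
            "orders:read": {"customers", "support"},
            "orders:write": {"support"},
        },
        "access_token_ttl": 3600,        # seconds
        "refresh_token_ttl": 7 * 86400,  # seconds; refresh tokens permitted
    },
    "batch-service": {
        "allowed_grants": {"client_credentials"},
        "scope_rules": {"orders:read": set()},
        "access_token_ttl": 300,
        "refresh_token_ttl": 0,          # machine-to-machine client: no refresh token
    },
}

# Constructed stand-in for an external data source queried at token time.
ENTITLEMENTS = {"alice": {"region": "eu"}, "bob": {"region": "us"}}

# Every decision, allowed or denied, is recorded so unusual patterns
# (for example repeated denials for one client) can be reviewed.
AUDIT_LOG = []


class PolicyDenied(Exception):
    """Raised when a request falls outside the client's policy."""


def _deny(client_id, reason):
    AUDIT_LOG.append({"client_id": client_id, "result": "denied", "reason": reason})
    raise PolicyDenied(reason)


def evaluate_policy(client_id, grant_type, requested_scopes, user=None, groups=(), now=None):
    """Apply the client's policy and return the tokens it permits.

    Denies explicitly rather than silently narrowing scopes, so the attempt is logged.
    """
    now = int(time.time()) if now is None else now
    policy = POLICIES.get(client_id)
    if policy is None:
        _deny(client_id, "unknown client")
    if grant_type not in policy["allowed_grants"]:
        _deny(client_id, f"grant type {grant_type} not permitted")
    if grant_type == "client_credentials" and user is not None:
        _deny(client_id, "client_credentials must not carry a user")

    groups = set(groups)
    for scope in requested_scopes:
        allowed_groups = policy["scope_rules"].get(scope)
        if allowed_groups is None:
            _deny(client_id, f"scope {scope} not defined for client")
        if allowed_groups and not (allowed_groups & groups):
            _deny(client_id, f"scope {scope} requires one of {sorted(allowed_groups)}")

    claims = {
        "sub": user if user is not None else client_id,
        "client_id": client_id,
        "grant_type": grant_type,
        "scope": " ".join(sorted(requested_scopes)),
        "iat": now,
        "exp": now + policy["access_token_ttl"],
    }
    if user is not None:
        claims.update(ENTITLEMENTS.get(user, {}))  # merge external entitlements as claims

    result = {"access_token": claims}
    if policy["refresh_token_ttl"] > 0 and grant_type != "client_credentials":
        result["refresh_token"] = {"sub": claims["sub"], "client_id": client_id,
                                   "exp": now + policy["refresh_token_ttl"]}
    AUDIT_LOG.append({"client_id": client_id, "result": "allowed", "scope": claims["scope"]})
    return result


def token_is_valid(token_claims, now=None):
    """Reject a token once its configured lifetime has elapsed."""
    now = int(time.time()) if now is None else now
    return now < token_claims["exp"]


def denial_count(client_id):
    """Number of denied decisions the audit log holds for a client."""
    return sum(1 for e in AUDIT_LOG if e["client_id"] == client_id and e["result"] == "denied")


if __name__ == "__main__":
    tokens = evaluate_policy("mobile-app", "authorization_code", ["orders:read"],
                             user="alice", groups={"customers"})
    print(tokens["access_token"])  # preview of the scopes and claims the policy produced
```

The machine client gets a short-lived access token and no refresh token, while the user-facing client gets a longer lifetime plus a refresh token; a customer asking for `orders:write` is denied and the denial lands in `AUDIT_LOG`, which is the kind of record a real-time dashboard would surface.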
Real-time dashboard and system log
Real-time visibility and anomalous behavior reports. When token-related events such as creation and revocation occur in Okta, notify external services outside of Okta with Event Hooks.