In the Spring 2022 release, the detection and coverage of SaaS applications and users was enhanced for the SaaS Management Integration for Okta. Before, SaaS applications and users were detected by ingesting login events. Now, SaaS applications and users can be detected by pulling the data from Okta’s list of registered users and applications.
What was the limitation prior to this enhancement?
The limitation of this prior integration method was that only users who logged into the SaaS application were detected. For example, if a user never logged into the SaaS application or bypassed SSO by logging in directly with username and password, they were not detected with the Okta SaaS Management Integration. And, although this would be an edge case, if none of the users logged into a SaaS application, the SaaS application was not detected.
What are the benefits of this enhancement?
The primary benefit of this enhancement is that a more complete list of the registered users and applications is ingested by Oomnitza. The additional benefits include:
- You get better coverage of your SaaS applications and users. If all your users are registered with your SaaS applications, you can skip adding an extended integration for the SaaS users to get the missing information.
- You get immediate visibility and value, because the SaaS information about your applications and users is pulled directly from the Okta registration list.
- You get improved financial reporting and license optimization, because all registered SaaS applications and users are detected regardless whether users logged in or not.
- You get a more efficient offboarding experience, because you can reclaim the licenses that were assigned to users who never accessed the SaaS application.
- You can better manage your SaaS applications portfolio, because you have an accurate and complete list of the Okta SSO enabled applications that are assigned to users.
So, I’m interested, what are my options?
To enhance the quality of data for the SaaS applications that are managed in Oomnitza, you have following options:
- Activate the enhanced detection feature for your Okta Management Integration. You can access these steps in the link below.
- Use the existing method, that was available prior to the Spring 2022 release and is still available, which collects SaaS information from login events. To get the missing information, you must also create an extended integration for the users of the SaaS application.
- As an additional advanced option, you can add a SaaS User Role workflow to detect the SaaS users that were deactivated.
How to enable this enhancement?
To enable the detection feature, see Creating a SaaS management integration for Okta.
If you have any questions, please contact your Oomnitza representative. Thanks.