Add table okta_authentication_policy and fix rules column to populate correctly for Classic and Identity Engine accounts for the tables okta_password_policy, okta_idp_discovery_policy, and okta_signon_policy #139

Merged: 6 commits, Aug 19, 2024


ParthaI (Contributor) commented Aug 8, 2024

Note: The table okta_authentication_policy will not work for Classic Engine. Ref: https://developer.okta.com/docs/reference/api/policy/#authentication-policy

Example query results
Classic Engine:
> select name, rules from okta_idp_discovery_policy
+----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------->
| name                 | rules                                                                                                                                                                                                             >
+----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------->
| Idp Discovery Policy | [{"actions":{},"conditions":{"app":{},"network":{"connection":"ANYWHERE"},"platform":{},"userIdentifier":{}},"created":"2021-08-26T04:22:51Z","id":"0pr1kcfw2rJewr1A45d7","lastUpdated":"2021-08-26T04:22:51Z","na>
+----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------->

> select name, rules from okta_password_policy
+----------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------->
| name           | rules                                                                                                                                                                                                                   >
+----------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------->
| Default Policy | [{"actions":{"passwordChange":{"access":"ALLOW"},"selfServicePasswordReset":{"access":"ALLOW"},"selfServiceUnlock":{"access":"DENY"}},"conditions":{"network":{"connection":"ANYWHERE"},"people":{"users":{}}},"created">
+----------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------->

> select name, rules from okta_signon_policy
+-----------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------>
| name            | rules                                                                                                                                                                                                                  >
+-----------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------>
| Test Sign On 22 | <null>                                                                                                                                                                                                                 >
| Default Policy  | [{"actions":{"signon":{"access":"ALLOW","rememberDeviceByDefault":false,"requireFactor":false,"session":{"maxSessionIdleMinutes":120,"maxSessionLifetimeMinutes":0,"usePersistentCookie":false}}},"conditions":{"authCo>
| Test Sign On 11 | <null>                                                                                                                                                                                                                 >
+-----------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------>

Identity Engine:

> select name, rules from okta_admin.okta_authentication_policy
+-------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------->
| name                    | rules                                                                                                                                                                                                          >
+-------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------->
| Any two factors         | [{"actions":{},"created":"2024-08-06T04:24:19Z","id":"rulhizi5kjHIP0KNS697","lastUpdated":"2024-08-06T04:24:19Z","name":"Catch-all Rule","priority":99,"status":"ACTIVE","system":true,"type":"ACCESS_POLICY"}]>
| Okta Agent Registration | [{"actions":{},"created":"2024-08-06T04:24:18Z","id":"rulhizi5jgdBjs0tK697","lastUpdated":"2024-08-06T04:24:21Z","name":"Catch-all Rule","priority":99,"status":"ACTIVE","system":true,"type":"ACCESS_POLICY"}]>
| Okta Browser Plugin     | [{"actions":{},"created":"2024-08-06T04:24:18Z","id":"rulhizi5jdHPLghuT697","lastUpdated":"2024-08-06T04:24:20Z","name":"Catch-all Rule","priority":99,"status":"ACTIVE","system":true,"type":"ACCESS_POLICY"}]>
| Okta Admin Console      | [{"actions":{},"conditions":{"network":{"connection":"ANYWHERE"},"people":{"users":{}}},"created":"2024-08-06T04:24:20Z","id":"rulhizi5l5wiQmdUW697","lastUpdated":"2024-08-06T04:24:20Z","name":"Free trial or>
| Okta Dashboard          | [{"actions":{},"conditions":{"network":{"connection":"ANYWHERE"},"people":{"users":{}}},"created":"2024-08-06T04:24:20Z","id":"rulhizi5l6bMHGvah697","lastUpdated":"2024-08-06T04:24:20Z","name":"Free trial or>
+-------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------->

> select name, rules from okta_admin.okta_signon_policy
+----------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------->
| name           | rules                                                                                                                                                                                                                   >
+----------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------->
| Default Policy | [{"actions":{"signon":{"access":"ALLOW","rememberDeviceByDefault":false,"requireFactor":false,"session":{"maxSessionIdleMinutes":120,"maxSessionLifetimeMinutes":0,"usePersistentCookie":false}}},"conditions":{"authCon>
+----------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------->

> select name, rules from okta_admin.okta_password_policy
+----------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------->
| name           | rules                                                                                                                                                                                                                   >
+----------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------->
| Default Policy | [{"actions":{"passwordChange":{"access":"ALLOW"},"selfServicePasswordReset":{"access":"ALLOW"},"selfServiceUnlock":{"access":"ALLOW"}},"conditions":{"network":{"connection":"ANYWHERE"},"people":{"users":{}}},"created>
+----------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

> select name, rules from okta_admin.okta_idp_discovery_policy
+----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------->
| name                 | rules                                                                                                                                                                                                             >
+----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------->
| Idp Discovery Policy | [{"actions":{},"conditions":{"app":{},"network":{"connection":"ANYWHERE"},"platform":{},"userIdentifier":{}},"created":"2024-08-06T04:24:13Z","id":"0prhizi5fnC0PPIhV697","lastUpdated":"2024-08-06T04:24:13Z","na>
+----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------->

… correctly for Classic and Identity Engine accounts for the tables okta_password_policy, okta_idp_discovery_policy, and okta_signon_policy.
@ParthaI ParthaI requested a review from misraved August 8, 2024 10:26
@ParthaI ParthaI self-assigned this Aug 8, 2024
@misraved misraved changed the title from "Add table okta_authentication_policy and fix rules column to populate correctly for Classic and Identity Engine accounts for the tables okta_password_policy, okta_idp_discovery_policy, and okta_signon_policy." to "Add table okta_authentication_policy and fix rules column to populate correctly for Classic and Identity Engine accounts for the tables okta_password_policy, okta_idp_discovery_policy, and okta_signon_policy" Aug 19, 2024
@misraved misraved merged commit d7244bf into main Aug 19, 2024
1 check passed
@misraved misraved deleted the add-table-okta-policy-rule branch August 19, 2024 08:19
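
An added example, not part of the pull request or the plugin's own documentation: with the rules column populated, each sign-on rule can be unnested and reviewed for access granted without a second factor. It assumes rules is a jsonb array and that sign-on rules carry the name, status and priority keys visible in the okta_authentication_policy output above; policies whose rules are <null> are kept as a row so they are not silently skipped.

```sql
-- Added example: review okta_signon_policy rules after the rules column fix.
-- Assumption: rules is jsonb; the key paths are the ones shown in the query output above.
select
  p.name                                                          as policy_name,
  r.rule ->> 'name'                                               as rule_name,
  r.rule ->> 'status'                                             as rule_status,
  (r.rule ->> 'priority')::int                                    as rule_priority,
  r.rule -> 'actions' -> 'signon' ->> 'access'                    as access,
  (r.rule -> 'actions' -> 'signon' ->> 'requireFactor')::boolean  as require_factor,
  (r.rule -> 'actions' -> 'signon' -> 'session'
          ->> 'maxSessionIdleMinutes')::int                       as max_idle_minutes,
  (r.rule -> 'actions' -> 'signon' -> 'session'
          ->> 'maxSessionLifetimeMinutes')::int                   as max_lifetime_minutes,
  (r.rule -> 'actions' -> 'signon' -> 'session'
          ->> 'usePersistentCookie')::boolean                     as persistent_cookie
from
  okta_signon_policy as p
  -- left join lateral keeps policies whose rules column is null or not an array
  left join lateral jsonb_array_elements(
    case
      when jsonb_typeof(p.rules) = 'array' then p.rules
      else '[]'::jsonb
    end
  ) as r(rule) on true
where
  -- policy returned without any rules: needs a manual look
  r.rule is null
  -- rule allows sign-on and does not require a factor
  or (
    r.rule -> 'actions' -> 'signon' ->> 'access' = 'ALLOW'
    and (r.rule -> 'actions' -> 'signon' ->> 'requireFactor')::boolean is not true
  )
order by
  policy_name,
  rule_priority;
```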