Tracking Password Settings for Okta in Vanta

Vanta can track password settings for applications using Okta for authentication or for select integrations, including AWS. This allows you to select which Okta password setting configuration applies to your application and provide this evidence during an audit of your vendors. Password configuration data is commonly used as evidence for frameworks including SOC 2 and ISO 27001.

Connecting Your Tools

  • You can connect Okta to Vanta by following these instructions. No notable changes are needed to capture password settings.
  • Once connected, Vanta will fetch any password settings configurations enabled in Okta. While most instances will have one configuration, it is possible to have several.
  • To gather password settings for other platforms including AWS, simply follow the integration instructions for each platform.

Viewing Password Configurations

You can view password configurations on the Inventory page. Within the Inventory page, you will find a section called Password Policies. This view includes all password policies that Vanta has discovered, as well as crucial details about each policy.

Setting Password Policies

  • You can also set password policies for various applications that use Okta for authentication. To do so, navigate to the Managed Vendors page and select any application that uses Okta for authentication.
  • Next, set the Auth method field to “Okta” and save, or confirm that it is already selected.
  • Once Okta is selected, you will see a new section for Password Configurations below.
  • Within Password Configurations, you will either see your default Okta password settings reflected or be able to select the appropriate configuration should you have multiple.

  • If you have Auditor visibility set to Visible, your auditor will be able to view password settings data for this vendor automatically, reducing the need for manual screenshots.