Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

(question) What is OKTA Admin?

OKTA Admin is generally used for looking up a customer’s account logs, unlocking their account, or resetting passwords.

Related links

On this page:

Table of Contents
minLevel1
maxLevel6
outlinefalse
typelist
printablefalse
Panel
panelIconIdatlassian-info
panelIcon:info:
bgColor#F4F5F7

Tutorial: Look up an account

  1. Sign in to sjsu.okta.com.

  2. Click “Admin”.

3. The OKTA Admin page looks like this. Use the search bar to look up the customer by SJSU ID, name, or SJSU email.

4. Click on the account you are looking for.



Panel
panelIconIdatlassian-info
panelIcon:info:
bgColor#F4F5F7

How to use OKTA Admin

View Logs

This shows their account login history. Below are the various states user are commonly found in:

Expand
titleView
  • Invalid credentials: The user is entering either an incorrect SJSU ID or password.

  • Lockout: Occurs after five incorrect login attempts.

  • Suspended: The user tries to unlock their account but unsuccessfully answers the security question consecutively.

Unlock Account

*Unlock Account button only appears when user is locked out

When a user is in Locked Out status, the Unlock Account button appears on their account.

You can either Unlock Account for them or advise the customer to wait 21 mins and the account will unlock automatically.

Reset Password

→ Temporary PasswordImage Removed

Only issue a temporary password when a user is unable to use the SJSUOne Password Reset site.

Image RemovedCopy the temporary password and send it to the customer’s SJSU and personal email through iSupport correspondence

Expand
titleView Tutorial
  1. Select Reset Password in the account

Image Added
  1. A popup will appear giving you two options. The quickest option is to Send a reset password email which will send to both the user’s personal email and SJSU email (if they have one). If this method does not work or they cannot access their email use the Create temporary password option.

image-20240531-184756.pngImage Added
  1. If you used the temporary password option the user will be prompted to reset their password immediately after logging in with the temporary one.

  2. If you used the reset password email option the customer will recieve an email to both their personal and SJSU email with a link directing them to reset their password.

Info

To check which email they have set as their personal or secondary email you can check their account in SAMI.

Activate Suspended Accounts

Info

Accounts get suspended after lockout when a user attempts to answer their security question incorrectly more than 5 times. If the user account shows suspended This is flagged as a security threat triggering OKTA to change the account status to suspended. In this case you will have to activate the account.

Note

DO NOTreactivate deactivated accounts under any circumstance. This is for suspended users ONLY

You will need to check the user’s logs to check if the account is suspended due to being flagged or a different reason.
Expand
titleView Tutorial
  1. If the account is suspended you will see it

  2. The logs will show the incorrect security question

attempt
  1. attempts and then will have the customer’s account in a suspended status.

Image Modified
  1. If this is the case, press the activate button and inform the customer why they were suspended.

Image Modified
  1. You will have to unlock the account after activating it.

Image Modified
  1. You most likely will need to reset the customer’s password do so after activating and unlocking the account by clicking Reset Password.

Image Modified
  1. A popup will appear giving you two options. The quickest option is to Send a reset password email which will send to both the user’s personal email and SJSU email (if they have one). If this method does not work or they cannot access use the Create temporary password option.

    image-20240531-184756.pngImage Removed

    1. When the customer is able to log in, offer to assist in walking them through how to reset their Security Question.

    Reset security question

    Info

    It is highly recomended that users reset their security question after the account is activated and they are able to log in again.

    Expand
    titleView StepsTutorial
    1. Login to sjsu.okta.com click on your name in the top right corner and select “Settings” .

    image-20240531-194129.png

    1. On the settings page under “Security Methods” select the “Remove” button to delete the current security question.

    image-20240531-194002.png

    1. A pop-up will appear. Select “Yes” to confirm the removal of the security question.

    image-20240531-194249.png
    1. Enter your SJSUOne password to verify and authenticate with DUO.

    image-20240531-195041.png

    1. You will have to set up a new security question. Click “Set up”.

    image-20240531-194639.png

    1. Enter your SJSUOne password to verify and authenticate with DUO again.

    image-20240531-195047.png

    1. Select the “Set up” button to begin.

    image-20240531-194948.png
    1. Users are either able to select a premade security question or create their own (if the user has autofill on it will auto-fill with their credentials, make sure it is removed from the text entry box before proceeding to select a security question).

    image-20240531-195238.png

    1. Once the security question has been reset successfully you should see a message at the bottom right saying “You have successfully enrolled Security Question”.

    Account Status

    Expand
    titleView

    Active: The user account is in good standing, and the user can log in and access their authorized resources.

    Deactivated: The user account has been deactivated, and the user cannot log in or access any resources until it is reactivated.