Do you ever have any reason to login to your user's accounts? Due to the way some on my integrations work I need to always have a personal copy of certain apps in okta for everyone's accounts when I need to make a change in the integration.
How do you guys handle logging into individual user's accounts if you set up the app so the user has to input their password? When the user is able to input their password to an app, the admin does not have any way to see this password. Instead of asking my user for their account password, I'd have to keep resetting their password and telling my user to update their okta credentials when I do that. I can just have all apps be set by the admin and block them from ever seeing passwords, but this takes away some individuality from my users and I'd have an influx of password request/password update tickets.
I like to be able to launch new SaaS apps to my users by creating their account for them and releasing it in Okta. Unfortunately, this also means I need to have constant access to their email so I can accept their confirmation email. I can have users make their own accounts but I choose to set up their new account and default environment for them so they can get started using the SaaS app immediately.
It's currently my biggest hurdle in handling SaaS apps since my method is definitely not scalable, especially when I need to make individual Zapier connections for a specific app in everyone's account. Like, one of my apps I need to link through email but the only way to link is if I log into their account. This limitation is definitely due to our selected software, but I'm wondering if there's a way in Okta to make it easier for admins to log into basically any app.
Anybody face a similar situation? How have you handled it in your infrastructure?
🗨 Link to Slack thread