> ## Documentation Index
> Fetch the complete documentation index at: https://bloodhound.specterops.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Okta_SWA

> Secure Web Authentication from Okta to an external application

<img noZoom src="https://mintcdn.com/specterops/tTIczgde9H07oLXf/assets/enterprise-AND-community-edition-pill-tag.svg?fit=max&auto=format&n=tTIczgde9H07oLXf&q=85&s=ad49a576589f4d2a8081df77d07fdf56" alt="Applies to BloodHound Enterprise and CE" width="482" height="45" data-path="assets/enterprise-AND-community-edition-pill-tag.svg" />

## Edge Schema

* Source: [Okta\_User](/opengraph/extensions/okta/nodes/okta_user)
* Destination: [GH\_User](/opengraph/extensions/github/nodes/gh_user), [jamf\_Account](/opengraph/extensions/jamf/nodes/jamf_account), [OP\_User](https://github.com/SpecterOps/1PassHound), [SNOW\_User](https://github.com/SpecterOps/SnowHound)
* Traversable: ❌

## General Information

The non-traversable hybrid Okta\_SWA edges represent Secure Web Authentication relationships between Okta users and their linked accounts in external applications. SWA stores user credentials in Okta and automatically fills them in, which is less secure than federated SSO.

```mermaid theme={null}
graph LR
    subgraph okta["Okta"]
        u1("Okta_User john\@contoso.com")
        u2("Okta_User alice\@contoso.com")
    end
    subgraph op["1Password Business"]
        opu1("OP_User john\@contoso.com")
        opu2("OP_User alice\@contoso.com")
    end
    u1 -. Okta_SWA .-> opu1
    u2 -. Okta_SWA .-> opu2
```