> ## Documentation Index > Fetch the complete documentation index at: https://bloodhound.specterops.io/llms.txt > Use this file to discover all available pages before exploring further. # Okta_ResourceSet > A resource set containing users, groups, applications, and other Okta objects Applies to BloodHound Enterprise and CE ## Overview Resource sets are collections of entities that can be used to scope custom role assignments in Okta. A resource set can contain the following object types: * [x] [Users](/opengraph/extensions/okta/nodes/okta_user) * [x] [Groups](/opengraph/extensions/okta/nodes/okta_group) * [x] [Applications](/opengraph/extensions/okta/nodes/okta_application) * [x] [API Service Integrations](/opengraph/extensions/okta/nodes/okta_apiserviceintegration) * [x] [Devices](/opengraph/extensions/okta/nodes/okta_device) * [x] [Authorization servers](/opengraph/extensions/okta/nodes/okta_authorizationserver) * [x] [Identity Providers](/opengraph/extensions/okta/nodes/okta_identityprovider) * [x] [Policies](/opengraph/extensions/okta/nodes/okta_policy) * [x] Entity risk policy * [x] Session protection policy * [x] Authentication policy * [x] Global session policy * [x] End user account management policy * [ ] Shared Signals Framework (SSF) Receivers * [ ] ~~Workflows~~ (Gaps in the Okta API) * [ ] ~~Customizations~~ (Gaps in the Okta API) * [ ] ~~Support cases~~ (Gaps in the Okta API) * [ ] ~~Identity and Access Management Resources~~ (Gaps in the Okta API) Only the marked resource types are currently supported as resource set members. Some resource types, such as Workflows, are not accessible via the Okta API at all. Okta Resource Set displayed in BloodHound Resource sets are represented as Okta\_ResourceSet nodes in BloodHound. ## Edges The tables below list edges defined by the Okta extension only. Additional edges to or from this node may be created by other extensions. ### Inbound Edges | Edge Type | Source Node Types | Traversable | | ---------------------------------------------------------------- | ---------------------------------------------------------------------------- | ----------- | | [Okta\_Contains](/opengraph/extensions/okta/edges/okta_contains) | [Okta\_Organization](/opengraph/extensions/okta/nodes/okta_organization) | ✅ | | [Okta\_ScopedTo](/opengraph/extensions/okta/edges/okta_scopedto) | [Okta\_RoleAssignment](/opengraph/extensions/okta/nodes/okta_roleassignment) | ❌ | ### Outbound Edges | Edge Type | Destination Node Types | Traversable | | -------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------- | | [Okta\_ResourceSetContains](/opengraph/extensions/okta/edges/okta_resourcesetcontains) | [Okta\_User](/opengraph/extensions/okta/nodes/okta_user), [Okta\_Group](/opengraph/extensions/okta/nodes/okta_group), [Okta\_Application](/opengraph/extensions/okta/nodes/okta_application), [Okta\_ApiServiceIntegration](/opengraph/extensions/okta/nodes/okta_apiserviceintegration), [Okta\_Device](/opengraph/extensions/okta/nodes/okta_device), [Okta\_AuthorizationServer](/opengraph/extensions/okta/nodes/okta_authorizationserver), [Okta\_IdentityProvider](/opengraph/extensions/okta/nodes/okta_identityprovider), [Okta\_Policy](/opengraph/extensions/okta/nodes/okta_policy) | ✅ | ## Properties | Name | Source | Type | Description | | ------------- | ------------------------------------------------------- | ---------- | ------------------------------------------------------- | | `id` | `resourceSet.id + "@" + oktaDomain` or `resourceSet.id` | `string` | Unique resource set identifier (domain-qualified). | | `name` | `resourceSet.label` | `string` | Resource set name. | | `displayName` | `resourceSet.label` | `string` | Display-friendly resource set name. | | `oktaDomain` | Collector context (non-API) | `string` | Okta organization domain where the resource set exists. | | `description` | `resourceSet.description` | `string` | Resource set description text. | | `created` | `resourceSet.created` | `datetime` | Resource set creation timestamp. | | `lastUpdated` | `resourceSet.lastUpdated` | `datetime` | Last resource set update timestamp. | The built-in resource set `Workflows Resource Set` has the `WORKFLOWS_IAM_POLICY` identifier in all Okta organizations. To make it unique, the collector adds the organization domain name as a suffix to the resource set's ID, e.g., `WORKFLOWS_IAM_POLICY@contoso.okta.com`. ## Sample Property Values ```yaml theme={null} id: WORKFLOWS_IAM_POLICY@contoso.okta.com name: Workflows Resource Set displayName: Workflows Resource Set oktaDomain: contoso.okta.com description: A resource set managed by Workflows Administrator created: 2025-10-22T13:29:26+00:00 lastUpdated: 2025-10-22T13:29:26+00:00 ```