Overview
Policies in Okta define the rules and conditions that govern authentication, authorization, and security behaviors within an organization. They control aspects such as password requirements, MFA enrollment, session management, and application access.
In OktaHound, policies are represented as Okta_Policy nodes.
Edges
The tables below list edges defined by the OktaHound extension only. Additional edges to or from this node may be created by other extensions.
Inbound Edges
Outbound Edges
| Edge Type | Destination Node Types | Traversable |
|---|
| Okta_PolicyMapping | Okta_Application | ❌ |
Properties
| Name | Source | Type | Description |
|---|
id | policy.id | string | Unique policy identifier. |
name | policy.name | string | Policy name. |
displayName | policy.name | string | Display-friendly policy name. |
oktaDomain | Collector context (non-API) | string | Okta organization domain where the policy exists. |
description | policy.description | string | Policy description text. |
type | policy.type | string | Policy type identifier (for example OKTA_SIGN_ON, ACCESS_POLICY, PROFILE_ENROLLMENT). |
priority | policy.priority | integer | Policy evaluation order priority. |
system | policy.system | bool | Indicates whether the policy is system-managed. |
created | policy.created | datetime | Policy creation timestamp. |
Sample Property Values
id: rstw0o8il8ktUxo3t697
name: Okta Account Management Policy
displayName: Okta Account Management Policy
oktaDomain: contoso.okta.com
description: This policy defines how users must authenticate for authenticator enrollment, password reset, or unlock account. Password policy rules control whether to enforce this policy for password reset and unlock account.
type: ACCESS_POLICY
priority: 1
system: false
created: 2025-10-02T09:21:37+00:00
Policy Types
The following policy types are supported by Okta:
The OktaHound collector specifically reads the IDP_DISCOVERY policies to check
if the Agentless Desktop SSO feature is enabled in the organization through at least one such policy.
