Okta must be configured to accept Personal Identity Verification (PIV) credentials.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-273204 | OKTA-APP-001670 | SV-273204r1098879_rule | Medium |
| Description |
| The use of PIV credentials facilitates standardization and reduces the risk of unauthorized access. DOD has mandated the use of the common access card (CAC) to support identity management and personal authentication for systems covered under HSPD 12, as well as a primary component of layered protection for national security systems. Satisfies: SRG-APP-000391, SRG-APP-000402, SRG-APP-000403 |
| STIG | Date |
| Okta Identity as a Service (IDaaS) Security Technical Implementation Guide | 2025-05-06 |
Details
| Check Text (C-77295r1098877_chk) |
| From the Admin Console: 1. Go to Security >> Authenticators. 2. Verify that "Smart Card Authenticator" is listed and has "Status" listed as "Active". If "Smart Card Authenticator" is not listed or is not listed as "Active", this is a finding. |
| Fix Text (F-77200r1098878_fix) |
| From the Admin Console: 1. Go to Security >> Authenticators. 2. In the "Setup" tab, click "Add authenticator". 3. Select the configured Smart Card Identity Provider and finish configuration. |