| Exam Section | Percentage of Exam Related to Section |
| Identity and Access Management | 20% |
| Single Sign-On (SSO) Federation | |
| 12/17 Based on a given use case, demonstrate knowledge of whether SAML, WS-FED, or OIDC should be used | Preparation resources: - OIDC app integrations - SAML app integrations |
| Demonstrate knowledge of IdP versus SP initiated flows | Preparation resources: - SAML app integrations - Planning for SAML |
| Single Directory Integration | |
| Demonstrate knowledge of the Active Directory integration options with Okta | Preparation resources: - Import Active Directory users on demand - Install multiple Okta Active Directory agents - Active Directory integration prerequisites |
| User Lifecycle Management | 27% |
| Okta as a Directory | |
| Demonstrate knowledge of the purpose of Universal Directory | Preparation resources: - About user account status - Create group rules |
| Demonstrate knowledge of custom attributes, mappings, and data transformation | Preparation resources: - Active Directory attribute mappings to Okta properties - Map application attributes on the Provisioning page |
| Provisioning | |
| Demonstrate knowledge of when to use Okta user states and statuses (active, suspended, password reset, etc.) | Preparation resources: - About user account status |
| Demonstrate knowledge of how to use app assignments, requests, and automations to provision applications to users | Preparation resources: - Provision on-premises application - Provision applications |
| Security | 27% |
| Basic Multifactor Authentication (MFA) | |
| Demonstrate knowledge of authenticators, factor types, and method characteristics, enrollment, and reset | Preparation resources: - Multifactor Authentication - About MFA authenticators |
| Policies | |
| Demonstrate knowledge of Okta policy types and their functions | Preparation resources: - Global session policies - Authentication policies |
| Devices, Passwordless Authentication, and Okta FastPass | |
| Demonstrate knowledge of passwordless authentication and Okta Fastpass | Preparation resources: - Devices - Okta FastPass |
| Demonstrate knowledge of Okta Verify | Preparation resources: - Configure Okta Verify options - Multifactor Authentication |
| Administration and Troubleshooting | 27% |
| Logging and Reporting | |
| Demonstrate understanding of Okta System Log and reports | Preparation resources: - Customer Data Retention Policy - Reports - System Log |
| Be able to use the Tasks section of the dashboard to monitor tasks | Preparation resources: - Monitor your tasks |
| Customer Support Practices | |
| Demonstrate knowledge of the Help and Support Process (including Trust.okta.com and the Okta help center) | Preparation resources: - Okta Status Page - How to Create a Support Case - Okta Customer Support and Success Services |
Part II subject areas
The following table lists the use cases and tasks that are assessed in this exam. Each task in the exam is demonstrated in one of the resources that are provided in the table. Use this list as an outline to guide your study and validate your readiness for the exam.
| Use Case | Percentage of Exam Related to Use Case |
| Account Creation | 25% |
| Configuration tasks: - Create users - Create a custom attribute - Assign admin roles - Update user profiles - Create groups - Create group rules - Assign users to groups | Preparation resources: - Manage users - Administrators - Edit users attributes - About groups - About group rules - Manually assign people to group |
| Application Setup with OIN | 30% |
| Configuration tasks: - Add an app integration from the Okta Integration Network - Set up inbound SAML - Set up lifecycle management - Assign a group to the application - Verify a user can access the application | Preparation resources: - How to configure SAML 2.0 for Okta Org2Org application - Configure provisioning for an app integration - Assign a single app to groups - Manage users |
| Security Enforcement | 25% |
| Configuration tasks: - Add and remove authenticators - Configure enrollment options for authenticators - Create a Global session policy rule - Define an authentication policy and rule | Preparation resources: - Multifactor Authentication - About authenticator enrollment policies and rules - Global session policies - Authentication policies |
| Attribute Mapping and Offboarding | 20% |
| Configuration tasks: - Define attribute mappings to push attributes from Okta to an application - Deactivate a user - Verify a user is deactivated | Preparation resources: - Map Okta attributes to app attributes in the Profile Editor - Deactivate and delete user accounts - Manage users |