STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← IA-13 (03) — Identification and Authentication

CCI-005165

Definition

Access tokens are issued in accordance with organization-defined identification and authentication policy.

Parent Control

IA-13 (03)Identification and AuthenticationIdentification and Authentication

Linked STIG Checks (3)

V-274848CAT IIThe API must issue access tokens in accordance with organization-defined identification and authentication policy.Application Programming Interface (API) Security Requirements GuideV-279689CAT IIOkta API tokens must be configured with Network Zones to restrict authorization from known networks.Okta Identity as a Service (IDaaS) Security Technical Implementation GuideV-279690CAT IIOkta API tokens must be created under new dedicated user accounts.Okta Identity as a Service (IDaaS) Security Technical Implementation Guide