gabrielsroka / gabrielsroka.github.io

My website, including rockstar: Export Okta Users, Groups, etc. to CSV. Show SAML assertion.
https://gabrielsroka.github.io/
MIT License

FYI - If Prompted with following Message "rockstar is disabled - to re-enable it, accept the new permissions: Read... etc. #54

Closed toddalbers closed 1 year ago

toddalbers commented 1 year ago

Disclaimer: I am not an expert on rockstar or Google extensions (or Manifest V3), but I believe this guidance below is correct. However, corrections\suggestions are welcomed. Also, if there is a better place to post this please let me know. Or feel free to just move it over or add it to an applicable page\article.

My intention with this post is to help anyone who is unsure of what to do about recently getting the message shown below when opening Chrome, but is unsure of what to do about it.

rockstar is disabled - to re-enable it, accept the new permissions: Read and change your data on all okta-gov.com sites

Everyone has different levels of experience and expertise. So, I could see this message causing some users concern as to why they are getting it and what to do about it.

If you are experiencing this, it is very likely because your Rockstar Chrome extension was upgraded from version 0.23 to version 0.25. You can check your version of Rockstar by going to Settings\Extensions in your Chrome browser. Then find the "rockstar" extension in the extensions listed. It is likely showing as disabled if you are experiencing this issue. Click on the "Details" button for "rockstar". On the Details page you should see 0.25 under Version.

On that page, under "site access" you will see the following 4 sites listed with a toggle button for each one.

https://*.okta-emea.com/*
https://*.okta-gov.com/*
https://*.okta.com/*
https://*.oktapreview.com/*

If your Okta installation does not interact with .gov (governmental) sites\services, then you can disable that site on this "Details" page.

Understanding why this happened: If you look at the most recent change for Rockstar (version 0.23 to 0.25), you will see that the Manifest was recently changed to basically add the new "https://*.okta-gov.com/*" site. You might notice it also changes the version of rockstar from 0.23 to 0.25.

The addition of the https://*.okta-gov.com/* site is what caused Rockstar to become disabled and prompt you for permissions for this site. If your organization is not a governmental entity, you probably don't need it and can disable it. Disable it. Then you probably need to re-enable rockstar at the top of the page right under "Description".

You may want to evaluate the other three options besides https://*.okta-gov.com/* listed under site options. To understand them better, see OTHER SUGGESTION 1 below.

Hope this helps someone.

OTHER SUGGESTION 1

There probably should be some explanation of the options that show up under "site access" in Google Chrome's settings\extensions page for rockstar. Which ones are "required" and which ones are "optional"? What is each one relative to the others? (like: what is okta-emea.com vs. okta.com? And is oktapreview.com required to be enabled? If so, why?) I think with the growing concerns about security these days, rockstar should probably explain these things better.

I would suggest putting these explanations on this page on Okta's site. I think it should describe all 4 sites (listed above in this post) for Rockstar on Chrome's settings\extensions\Rockstar page so a user can make an informed and educated decision regarding which sites they choose to enable or disable. This article should also help some users understand better when a new site is added and disables rockstar via a version update like this update did.

OTHER SUGGESTION 2

On the rockstar homepage it states the following.

rockstar runs in your browser, it doesn't send your data anywhere.

I am wondering if this might be better if it said something like the following.

rockstar runs in your browser. It doesn't send data to, or receive data from, anywhere other than the sites that are enabled in the Chrome browser on the Settings\Extensions\rockstar settings page. For more information regarding this see this article on Okta's site.

Hope this helps.
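
The post above attributes the "rockstar is disabled" prompt to a host pattern added between two versions of the manifest. The sketch below is an added example, not part of the original post and not rockstar's code: it diffs the host access requested by two manifests and reports patterns the old version did not already cover. The function names and both sample manifests are constructed for illustration, and the coverage check compares scheme and host only.

```javascript
// Host match patterns a manifest requests: MV2 lists them in "permissions",
// MV3 in "host_permissions"; content script "matches" grant host access too.
function hostPatterns(manifest) {
  const isHost = p => p === '<all_urls>' || /^(\*|https?|file|ftp|wss?):\/\//.test(p);
  return [...new Set([
    ...(manifest.permissions || []).filter(p => typeof p === 'string' && isHost(p)),
    ...(manifest.host_permissions || []),
    ...(manifest.content_scripts || []).flatMap(cs => cs.matches || []),
  ])];
}

// Split "scheme://host/path" into scheme and host; null if malformed.
function parse(pattern) {
  if (pattern === '<all_urls>') return { scheme: '*', host: '*' };
  const m = /^(\*|[a-z]+):\/\/([^/]*)\//.exec(pattern);
  return m ? { scheme: m[1], host: m[2] } : null;
}

// True when `older` already grants the hosts `newer` asks for (paths ignored).
function covers(older, newer) {
  const a = parse(older), b = parse(newer);
  if (!a || !b) return false;
  const schemeOk = a.scheme === b.scheme || (a.scheme === '*' && /^https?$/.test(b.scheme));
  const base = a.host.replace(/^\*\./, '');
  const bHost = b.host.replace(/^\*\./, '');
  const hostOk = a.host === '*' || a.host === b.host ||
    (a.host.startsWith('*.') && (bHost === base || bHost.endsWith('.' + base)));
  return schemeOk && hostOk;
}

// Patterns in the new manifest that nothing in the old one covers: the kind of
// added site access that the re-enable prompt in this thread is about.
function addedHostAccess(oldManifest, newManifest) {
  const before = hostPatterns(oldManifest);
  return hostPatterns(newManifest).filter(p => !before.some(o => covers(o, p)));
}

// Constructed MV2 manifests mirroring the change described in the thread
// (assumed layout; not copied from rockstar's manifest.json).
const v023 = { manifest_version: 2, version: '0.23', permissions: [
  'https://*.okta.com/*', 'https://*.oktapreview.com/*', 'https://*.okta-emea.com/*'] };
const v025 = { ...v023, version: '0.25',
  permissions: [...v023.permissions, 'https://*.okta-gov.com/*'] };

console.log(addedHostAccess(v023, v025));
```

Running the same diff on an extension's manifest before an update ships shows in advance which users will see the prompt and for which sites.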

gabrielsroka commented 1 year ago

mv3

rockstar uses mv2

Thanks for the long post. Okta orgs (aka tenants) are stored on okta.com, okta-emea.com (older EMEA orgs -- newer ones use okta.com), oktapreview.com (for preview), or okta-gov.com (for gov). If you have a preview org, you know what it is. If not, you can disable it.

toddalbers commented 1 year ago

OK. Hopefully it helps someone. Thanks Gabriel!