Okta: Identity Cloud Service

Okta is an identity cloud provider that connects your employees to different applications in a secure and delightful way. Okta's main product is Identity Cloud Service (i.e. identity as a service platform). It is 100% built in cloud with zero planned downtime.

IT benefits by having one central place for policy based management that governs which user gets access to which application. Employee benefits by using their Okta Single Sign-On homepage to easily access hundreds of applications by just remembering their Okta credentials.

Okta's products are subscription based. Following are different products that are available as part of Okta Identity Cloud service:

1. Single Sign-On: Enables employees to access hundreds of applications just with one set of credentials. For example, if employee has to access Docusign, expensify, netsuite, and salesforce, he/she can just login to Okta dashboard with one set of credentials and from there he/she can connect to each of these applications with one click without providing any other credentials for those applications. 

2. Universal Directory: Allows to manage users and their attributes. It is similar to Active Directory. It would also allow you to store custom attributes for a user.

3.  Lifecycle Management: Automates user onboarding and offboarding to many integrated applications. For example, you can configure Okta app to create user on specific app when that user is assigned that okta app. Also, Okta app can allow you to offboard user on that app when that user gets deactivated from Okta. Only limited set of apps support lifecycle management though.

4.  Advanced Sourcing: Allows to source employee information from Workday and Active Directory.

5.  Adaptive Multi-Factor Authentication: Allows dynamic policy changes and step-up authentication in response to changes in user and device behavior, location and other contexts.

6.  API Access Management: It allows developers to extend Okta's authentication and authorization policies to APIs.

7. Okta Access Gateway: Allows to extend Okta's identity solution to on-prem apps while providing ease of use for employees to access those apps from anywhere in a secure way

8.  Advanced Server Access: It allows developers to connect to servers (on-premise, AWS, GCP) using Okta's identity cloud service and without needing to store static ssh key on the server.

9.  Workflows: Allows you to automate identity processes at scale without writing the code.

Okta’s continued focus on ease of administration has made it easy for administrators to ramp up quickly on the platform. Additionally, Okta provides various levels of certifications for administrators to enhance their skills.

Cost and Vendor lock-in are some of the biggest limitations to keep in mind if you are evaluating this platform. Costs increase significantly as the number of users grow in an organization. The more applications you integrate, the more you can benefit from the platform, however it also then makes it difficult to switch over to new platform.

Competitors: Microsoft Azure AD, OneLogin, Ping Identity