Okta Platform

I use Okta Platform  for single sign-on and managing the authentication process. I have used all of the geofencing features for security purposes. In the current field of cybersecurity, I have been working for seven years specifically.

My favorite aspect of Okta Platform  is that it is really user-friendly. The admin configuration UI is user-friendly when you view it.

I have worked on Okta Platform's IGA  features, and they were not great or up to the mark. While they were trying to get new features, it was not working as expected at that time when it was in beta. There are some features, especially on the customization side, that cannot be customized, and there are a few things that would be nice to customize as well.

I would like Okta Platform to protect non-human identities in the environment, such as service accounts.

In terms of industry or regulatory requirements, it depends on the person implementing Okta Platform. All necessary protocols need to be followed, but I don't think Okta Platform has set any templates to ensure these protocols are being followed. It would be a nice-to-have feature where they could set some templates and provide guidance on what can be implemented.

I have been working with Okta Platform for five to six years overall.

Okta Platform is stable with very few instability issues.

Okta Platform is 100% scalable.

I have had to contact technical support for Okta Platform many times.

The speed and quality of their answers depend on the nature of the issue. Sometimes it was an easy fix, and sometimes I had to do a lot of back and forth. Speed is good initially, but depending on the problem nature, it becomes a little stagnant. However, I have no complaints as I think they have been super helpful. Even if they are not able to help, it goes to another team member, but they generally try to help.

I would give the support for Okta Platform a score of seven out of ten.

I have used alternatives to Okta Platform.

I was definitely there for the initial deployment of Okta Platform, and I would rate it as medium.

A team is required for Okta Platform. I don't believe we should be dependent on one person, and there should be people from many different teams involved. Even if there is not a lot of work, in all of my projects, Okta Platform has indicated that we need people. In one or two instances, Okta Platform professionals were not there to help, but I highly recommend someone from Okta to be there to guide us through the whole process.

Okta Platform requires maintenance on my end as a customer. It is 100% the customer's responsibility to maintain all features. Even if someone is going out of the company, there needs to be deactivation, so everything needs to be maintained by customers of Okta Platform. With respect to features and patches, sometimes they release a few patches that we will have to update ourselves, but in other cases, they try to do some silent pushes. However, it totally depends on how Okta Platform chooses to do it.

Overall, regarding the pricing of Okta Platform, I think it is a little expensive.

The biggest differences that come to mind are that, positively, Okta Platform is more user-friendly, but negatively, Okta Platform is way more expensive than a few other products in the market.

I have used Ontra, Ontra ID, PingID, SiteMinder , SailPoint, and Saviant, which are not exactly competitors to Okta Platform but somewhat similar.

How long it took to finish projects with Okta Platform from start to finish depends on multiple factors. I have done many projects with Okta Platform, starting from overnight to even a week, so it depends on the customer as well, on what is being implemented, and what the go-live date is for the particular time. The deployment depends on a client-to-client basis. My overall review rating for Okta Platform is eight out of ten.

I use Okta Platform  as an administrator to set up new SAML and SSO  apps. We also use the governance module as well. We also use the automation functions with workflows. We use it mainly as our main identity platform. I have been using it at all my past companies.

What I appreciate about Okta Platform  is that it is most of the time a very good no-code platform. It allows us to set up new SSO  integrations quite easily, even if the app doesn't really support SSO natively. It is pretty easy to configure on Okta Platform.

Okta Platform has impacted my organization positively by providing convenience, first of all. There are no more different passwords for many different apps, since SSO doesn't really require password storing. Security has also improved because we eliminate a very big weak point that passwords represent. Additionally, we maintain control to ensure we only give access to the necessary apps to the necessary people.

I would definitely see improvements in the governance module of Okta Platform. The way we do certification of accesses, certification campaigns, and access requests could be improved. A better way for users to actually request an instance in Okta Platform, for example, an app, without having to use a third-party integration for ServiceNow  or Jira  Service Management, would be valuable. Having something built in to Okta Platform would be beneficial.

From the features perspective, functionality-wise, I would see recent features included in Okta Platform. Our company works on a hub-and-spoke model, and Okta Platform did introduce a way to have more of a federated level. What they call claim sharing, and we really would appreciate a bit more improvement on that functionality, since that functionality helps us to have a single identity on a hub and pass that identity to the other spokes and have seamless login between all of them. Claim sharing helps with that, but the function is still not the best, especially related to authentication policies. There are still some issues, especially when we have some mismatch between the authentication policies on different spokes. I definitely would appreciate some more improvements. Additionally, I would appreciate a bit more improvements on the logging features of Okta Platform, which still are not the best.

I have been working with Okta Platform for more than five years at this point.

Regarding the Okta Platform, it has been stable. We do have different cells in different countries since we work on a hub-spoke model. On our EMEA cell, it has been quite stable. We did have some problems before on our US cells in these past few months, but nothing too serious. Most of the time, issues happen after hours on the US market. On our EMEA side, there have been no issues in these past few months.

I find Okta Platform scalable and have not hit any limitations or scalability issues with it. We do have a good contract with our vendor that allows us to set up new users at any time and they basically review the contract a year after if we need to have more users. We really don't have scalability issues.

If I would evaluate customer service and technical support of Okta Platform from one to ten, I would say a very good nine. We do have a very good relationship with our customer support representative, customer support manager in this case, or CSM. We also have a dedicated Okta Platform tech that we go to with more high-level questions. The level one support with the normal ticketing system from Okta Platform works pretty well most of the time. I never faced any issues, and if we need to escalate it for more complex issues, we can go to our dedicated tech manager support or our customer success manager and they are pretty quick to respond.

I have mainly used Okta Platform. I did use a bit of Ping Identity, but it was so long ago that I really don't remember a lot of the platform at this point.

When it comes to the deployment process of the initial setup with Okta Platform, we definitely faced some complexities, especially related to the way users authenticate. Sometimes authentication policies are a bit buggy in the sense that sometimes they really don't detect the correct browser that the user is using or there are issues related to the location of the user. The part of security authentication sometimes really doesn't work as well as it could. We did experience some problems in that sense.

The deployment of Okta Platform was implemented fully in-house.

We did look at other solutions as well, such as One Identity and Ping Identity, before choosing Okta Platform. We decided to go with Okta Platform since it was the more complete option on the market at the time, with all the necessary functions that we had, especially related to authentication policies. It also had a better catalog of pre-built apps as well, so it was a bit more simple. We also started looking a few years ago to maybe replace Okta Platform with Entra ID, because we also did have Azure  products, but we decided to keep Okta Platform because Okta Platform still has much more documentation and much more time in the market. Their solution is a bit better in that sense.

My best piece of advice for others who are looking into implementing Okta Platform would be related to the knowledge base. I would make sure people read through the main knowledge base from Okta Platform, so the main steps of integrations. One of the good advantages of Okta Platform is that most applications and authentication are all the same, since it uses base protocols such as SAML or OIDC. If you are able to build one, the other ones are pretty easy to build. Go through the knowledge base that Okta Platform has, which is very rich for understanding if it is actually a good solution for your problems. If it is, Okta Platform would be a good solution to use.

The AWS  services that are integrated or secured through Okta Platform mainly include AWS  Cloud directly for cloud computing purposes.

Okta Platform does protect non-human identities in our environments, such as service accounts. We have the perspective that we can monitor the access, so who actually accesses the accounts and who is the manager of those accounts. We maintain password rotation and password policies for those types of accounts, which are different from a normal user account. Okta Platform helps us with that.

Related to the financial market, Okta Platform helps our company address specific regulatory requirements because we need to be SOX compliant, since we are a public traded company. Okta Platform helped us with being SOX compliant.

I have noticed measurable security and operational improvements in our cloud-based workloads since implementing Okta Platform. One of the main ones is access to AWS cloud environments. Thanks to Okta Platform, we can set up push groups to the AWS IAM  module. We can actually give access to specific AWS spaces to specific teams in this case. For example, if we have a cloud team that works on a specific region, we can give access to an Okta Platform group to that specific team, and they will have access to that AWS cloud space. We have a lot of that, and it helped us a lot.

I would rate this review a nine overall.

Use cases include onboarding SAML applications, onboarding OIDC applications, onboarding third-party vendors for accessing these applications, enabling single sign-on across internal and external applications, enabling multi-factor authentication, and enabling adaptive authentication that triggers based on risk score.

Okta Platform  is among the market leaders in this space. They have numerous integrations available out of the box, and some of the functionality beyond access management is also there, such as IGA  capabilities and PAM capabilities. Overall, I have had a good experience.

Okta Platform  has been in the industry for a while, so they have become quite mature in terms of product. The product is robust and does not have many bugs in it. They offer a range of out-of-the-box connectors, so you can quickly onboard target applications without custom integration. The ease of integration with multiple other applications is a key point I would highlight.

The main benefit is single sign-on. All access management solutions, including Okta Platform, provide single sign-on capability and multi-factor authentication capability. These are the two core functions any organization should implement. Beyond that, they also offer advanced capabilities such as passwordless authentication, so you can integrate your FIDO2 equivalent devices and enable passwordless authentication to your applications. These features are basically why they are quite famous in the market.

Okta Platform secures access to cloud infrastructure, APIs, containerized workloads, and AI and GenAI services in a similar way to how they do SAML and OIDC. Recently, they have rolled out some capabilities in the GenAI or Agentic AI area, where they can secure AI agents and manage the provisioning and deprovisioning of their identity and access parts. Regarding web APIs and everything, they have solutions to secure API accounts, ensuring access is provided only to required users based on access control.

Okta Platform does have PAM capabilities, and there they onboard non-human identities and manage and govern them. They definitely have some of the latest capabilities, such as OpenID and OIDC connections that you can utilize for your cloud workload and manage access to your cloud provider. They also have some fine-grained access available, enabling segregation of duties. These improvements bring operational efficiencies as well.

Okta Platform is quite mature, but I would like to see more integration. While they have a vast range of integrations out of the box available, if their PAM and IGA  capabilities were more mature, then Okta Platform could be the single solution for everything, covering access management, privilege access management, and governance of identity. This would mean one would not need to take multiple products for specific identity needs in each area.

I have been using Okta Platform for seven to eight years now.

I find Okta Platform to be stable.

I believe Okta Platform is scalable. You can deploy it for 10,000 identities to 5 million identities. They have good elasticity and resiliency, so I find it quite scalable.

Both the tech support team and customer service team are good.

I have used OneLogin  in my past with one of my employers, and we were using OneLogin  for single sign-on, MFA, and passwordless journey.

The pros are that both Ping and Okta Platform have been in the market for a while, and they were among the first to provide single sign-on and MFA capabilities. They have become quite mature with multiple capabilities available, which is advantageous. They are enterprise-grade solutions and mature enough for any kind of organization to deploy. On the other hand, with OneLogin, there were some bugs I encountered, and I always needed to work with the product and R&D teams to get them fixed, so the product was not as mature or stable then. The pricing point for OneLogin is appealing, which draws customers in, but in terms of capabilities and features, both Ping and Okta Platform have a slight advantage.

Okta Platform is much easier to deploy.

I am using the SaaS deployment model.

Okta Platform has delivered ROI in two ways. First, it improves the security authentication and authorization processes across the organization, securing applications with single sign-on and MFA. Second, it helps cover compliance requirements, whether following SOCS compliance or any similar compliance. It assists in reducing user friction and the manual work of managing multiple applications independently while improving security.

I would not say Okta Platform is a cost-effective solution. It is an enterprise-grade solution, so it is comparatively on the higher side in terms of cost. It is not as cheap as you may find with other single sign-on products.

The main key feature Okta Platform is currently working on and has launched recently is Agentic AI for securing those Agentic AI identities. That is the one I would highlight as compelling at this moment, given that everyone is talking about Agentic AI.

My advice is to understand your requirements and decide your product based on that. Okta Platform could be good for enterprise customers because it serves multiple use cases and offers various capabilities, similar to Ping. If your requirement is very specific, then conduct an assessment and POC, identify your real use cases and future growth areas, and then make the investment to achieve real ROI.

Most likely, Agentic AI and healthcare are the two key industries. I would say everyone else as well, whether retail, pharmaceutical, or manufacturing. Everyone who wants to utilize single sign-on or multi-factor authentication tends to use either Okta Platform, Ping, or OneLogin, depending on the situation. I have not seen OneLogin in many customer environments. I would rate this solution an eight out of ten.