Okta Workforce Identity Reviews

We used Okta Workforce Identity for SSO, MFA, life cycle management, as well as the external identity and access management for external customers. We used the solution internally for accessing all applications, so we had an Okta software portal where we could then start any application we wanted.

The biggest benefit my company gained from Okta Workforce Identity is that everything just works securely so that all your managed devices can access all your applications without any hassle because they are trusted devices, but if you want to use your father's or mother's PC to access the company application, then it will ask more MFA (multifactor authentication) steps.

What I found most valuable in Okta Workforce Identity is that it worked together with VMware Workspace One, so there was this device check at the same time. My company used the trusted device method that enabled you to define that only the trusted devices including the Workspace One agent were able to access the applications directly without an additional authentication step.

A room for improvement in Okta Workforce Identity is its price. It could be cheaper. The biggest benefit of the solution is that everything works securely without extra steps, so you're saving on your workforce's time and effort because your applications work smoothly and securely, but you'd need to pay some amount of money for that.

Another area that could be improved, though not necessarily regarding Okta Workforce Identity, is the SSO applications because so many of the source applications charge extra money to put the SSO to work, which means you have to buy a more expensive license. Nowadays, SSO is a mainstream functionality and it should be out-of-the-box in those applications because it's so easy to set up.

I've worked with Okta Workforce Identity since 2014, though I just changed my workplace, meaning I left the company where the solution was being used. I did have experience with it within the last twelve months.

Okta Workforce Identity is a stable solution. It's always on, though once there's been some hiccup in the US time zone that didn't affect my company.

Okta Workforce Identity is a scalable solution.

There were times I needed to escalate some questions to the technical support team of Okta Workforce Identity, and on a scale of one to ten, with one being the worst and ten being the best, I would rate support a nine out of ten.

Positive

Setting up Okta Workforce Identity has to be done gradually because you have to change the log-in methods for every application, meaning you need to turn them on. For example, now you'll start to use Okta Workforce Identity for Office 365. Next, you'll use it for Zendesk. You cannot do everything at the same time, so you have to make a gradual plan over a couple of months, then you turn on all of the new applications for authentications to be done with Okta Workforce Identity.

Deploying the solution took two months.

The implementation of Okta Workforce Identity was done in-house because my company had a lot of ready-made integrations with the solution, but sometimes you need to ask for help from the third-party software vendor, particularly to turn on some features, so your third-party software integrates with Okta Workforce Identity, for example, you'd need to have the SSO feature turned on, etc.

The pricing for Okta Workforce Identity could still be improved or made cheaper. It costs from 50 to 100 euros a year per user.

Okta Workforce Identity has different packages you can choose from, and my previous company had all of them, particularly the full Okta suite. We went with the full suite because you can also use it in the new employee onboarding process, so when you get a new employee, you can authorize Okta Workforce Identity to provision all the applications automatically so that when you create the new user and you put that user into a certain user group, then he gets all the applications provisioned automatically. For example, for Microsoft 365, the solution creates the user, puts that user in the right place, and also adds licensing, so my company was using Okta Workforce Identity as well for the onboarding of new employees.

In the organization I previously worked for, I also used VMware Identity Manager, apart from Okta Workforce Identity. Those two solutions work together, and though they have a little bit of competition, VMware Identity Manager and Okta Workforce Identity complement each other. Okta is the master identity solution while with VMware Identity Manager and Workspace ONE, you can create the aspect of the trusted device so that when you have a trusted iOS, Android, Windows, or Mac device, it will check whether it's trusted, via VMware, and then transfer the authentication to Okta Workforce Identity and everything works just smoothly, so Okta knows that this authentication comes from a trusted device and it can pass further without any additional MFA.

Okta Workforce Identity isn't an on-premises solution.

My company had three hundred users of Okta Workforce Identity at the time.

In terms of maintenance, you just need to make configurations on the console. There was no scripting or coding, so you just have to use the console and know what you're doing.

I would recommend Okta Workforce Identity to others who may want to start using it. My advice for new users is that it's important to understand the trusted device and zero trust methodology, so that when you have devices to manage, for example, with Workspace One, and you combine that with Okta Workforce Identity authentication through VMware Identity Manager, you'll get the full picture. This is so you can ensure that everything works together because knowing only the identity and access management without the device management and trust would be just half the story.

I'm rating Okta Workforce Identity nine out of ten.

We used the solution for domain control and password management. In my previous company, they had 40 different products. We used Okta for single sign-on management.

AuthO is a highly customizable access management tool for applications. When I want to integrate an application and enable SSO, it provides a single-click operation. It is very easy. Okta enables us to integrate with customers' domains quickly. It's one of the biggest advantages. The development team can easily pull out APIs and quickly code for identity management.

It also provides multifactor authentication features. The tool helps improve our security and productivity. We can easily pull up the APIs and integrate them quickly. We would have had to build our own solution if not for Okta. Okta has saved us tons of money by removing the pain of building a tool. It is easy to use.

We had some implementation issues.

I have been using the solution for about three years.

The tool is scalable.

The support was very good.

Positive

It is a SaaS product. It took us less than a month to implement the solution in our organization. However, it took a little longer for us to deploy the tool for our customers because we had to do it product by product. We deployed it for our customers in three to four months.

We paid a license fee for our own use. For the customers’ use cases, we had an OEM model and paid a small percentage of the fee. We had a very nice Okta team. The overall cost was not bad.

I am working with Keeper in my current organization. The business case is different. I'm not looking at integrating with customer's domains or products. I use Keeper primarily for personal use cases. Okta is a very good product. Overall, I rate the product an eight out of ten.

We use Okta Workforce Identity for single sign-on (SSO).

One of the most beneficial features of the solution is the user provisioning and the de-provisioning feature. With the solution's universal directory, you can have all the user attribute information in one place. You can store it on Okta instead of in multiple places like your AD, applications, or different IdPs. You can get all the user attribute data onto your Okta, and then you can customize it. Okta allows you to modify the user attributes, which is also one of the useful features of Okta Workforce Identity.

Because it's a password-less authentication for personal sign-on, users don't need to use a password for it. That's how Okta comes into the picture, where it identifies the user based on the certificates for authentication. In that way, it also doesn't reveal the user identity to the applications if there is a man-in-the-middle (MITM) attack.

Okta Workforce Identity uses the System for Cross-domain Identity Management (SCIM) protocol for provisioning and de-provisioning. That is also one of the benefits of having your application's functionality on a platform like Okta Workforce Identity. It's easy from an admin point of view because when you de-provision a user on Okta, it will remove all the access from the respective applications without needing anything at the application level.

Because it's a cloud-based platform, installing the agents is the only integration you need to do in your current environment. You can have their agents installed on your Active Directory servers.

The integration is quite easy for other cloud applications. They have their own catalog of all the applications you can search and integrate. Applications like Microsoft Office 365 and Salesforce are already hosted on Okta. It's just a matter of configuring the applications with your company's metadata into your applications.

The solution's user interface needs to be improved and made easy. It has a lot of repetitive things. The solution should have a single pane of interface for admins.

I have been using Okta Workforce Identity for six months.

I rate Okta Workforce Identity an eight out of ten for stability.

Since it's a cloud-based platform, I haven't faced any scalability issues with Okta Workforce Identity. Our clients for Okta Workforce Identity are enterprise businesses.

I rate the solution an eight out of ten for scalability.

The solution's technical support depends on the service level. Okta has certain packages, like gold or silver levels. If you have a silver-level agreement with Okta, you can get the right support at the right time.

Neutral

On a scale from one to ten, where one is difficult and ten is easy, I rate the solution's initial setup an eight out of ten.

Okta Workforce Identity is one of the market's leading and stable identity solutions.

Overall, I rate the solution an eight out of ten.

Okta provides island access management solutions, which means that anyone who needs an IIM solution can get it through Okta. For example, if you have 30-40 applications and users that need to log in to all of them, Okta can integrate all of the applications into a single point of access where users can log in once and use the same session for all of their applications. Okta also provides multi-factor authentication and other security policies to protect your users and applications.

We have multiple SSO protocols that we use for our different data centers. This is just one example of how we use Okta workforce identity to address our hybrid workforce needs. Apart from SSO, we also have Active Directory integrations that allow us to integrate with customer active directories and use active directory passwords for application sign-in and runtime authentication. This is called daily header authentication. This allows us to provide a centralized identity management platform for our users, regardless of where they are located or what applications they need to access. We can automate the process of adding users to Okta if they are activated in Active Directory, or if they are added to the database of applications or Active Directory in the last couple of days.

Currently, it has two-factor authentication. In addition to biometrics, it should offer three-factor authentication. Also, the training is too costly. Okta could reduce the training cost to make it easier.

I have been using Okta Workforce Identity as a service provider for four years.

I rate the solution’s stability a ten out of ten.

The solution’s scalability is huge. It has 99.9% service availability. We cater this solution to enterprises. I rate the solution’s scalability a ten out of ten.

The initial setup is easy. Once you understand the steps, it's straightforward. There are three steps: enrolling users, removing tenants, and updating field metadata from outside the application and SaaS integration. Deployment depends on the number of occasions, testing, and the users. If you have 30,000 users, you will need two months. I rate the initial setup a ten out of ten.

The solution is suitable for everyone, but it is locked up for a total number of years. Overall, I rate the solution a ten out of ten.

We are primarily trying to uncover the differences between this product and JumpCloud. 

Okta has its own Active Directory, which is the main core of your identity and from Okta, you can easily reply to other services, like Google Workspace. You can synchronize everything.

It is very easy to implement. We just followed the documentation and followed the steps to connect to our services. They have all of these recommendations in place. If you follow the process, it's very straightforward. 

The synchronization of services is very easy. 

It offers very helpful support. The technical team is very helpful. 

It is scalable.

The solution is always very stable and reliable. 

I'm not sure what areas need improvement. They are at the top in terms of identity management. I can't find any shortcomings. 

We don't need any additional features as it covers more than our needs. It's a massive tool. 

The solution is very expensive.

We have tried a 30-day trial and implemented in our lab.

The stability is great. I'd rate it eight out of ten. There are no bugs or glitches. It doesn't crash or freeze. 

We have temporary accounts right now. We have six or eight accounts and the same number of devices. 

The scalability is pretty good. I'd rate it eight out of ten. It can expand. 

Technical support is excellent. They are helpful and responsive.

Positive

I've also used JumpCloud and have started to compare these two solutions. 

The initial setup is complex. However, you have all of the documentation and if you follow the directions, you can manage the setup well. It will be done correctly. Also, if you need help, their support is also available, and they are quite helpful. 

We had two people handling the deployment. 

It might take a lot of time to achieve an ROI. However, it simplifies a lot of duties. Likely, you'd see a return in the future. 

We are using the 30-day free trial.

The solution is expensive. I'd rate it one out of ten in terms of affordability. 

I cannot recall the version we were using. However, my understanding is that the trial version is the same as the full solution. 

You do have to follow the documentation for your specific case. Okta is a massive tool. It covers a lot of use cases and likely will cover more of the company's actual needs. It's a good idea to be specific about your needs.

I'd rate the solution ten out of ten. 

Intergated on-prem and cloud applications on multi-tier domains and user identity accessing applications hosted on cross domains. Full fleged automation using AD and Okta groups for app assignment. 

Lifecycle Management of apps on our Okta tenant. 

• Central administration of Apps
• Auto activation of user accounts/ Just-In Time Provisioning
• Global App availability
• Less or No Administration required

1. Active Directory Sync, as its useful for pre-assigning apps, can also be used for de-provisioning apps for exiting users

2. Shared apps with common password can now be managed centrally without revealing the credentials

3. User and Apps Management

4. Desktop Single Sign On

5. Auto-provisioning

6. Flexibility to integrate In-house applications

7. Password Self Service

8. Support non-domain users

9. Group based app assignment (okta, AD, pushgroup)

10. Adaptive MFA

11. Workflow for app requests

Command line access

Reporting

Since 2015

It's very stable we have 99.999% uptime on the base

Very high and secure, we have more than 170+ apps secured for sso

Customer Service:

9 out of 10

Technical Support:

9 out of 10

Yes, we had previously used a different solution which was replaced by Okta. Non-scalability was the major drawback of our previous solution.

Initial setup is straightforward, simple and easy to manage

Some apps needed assistance from Okta support team.

Setup is simple if you are an AD admin, cost comparison is nominal compared secured access

KB article from Okta is very detailed just spend some time on the okta

I use the solution in my company for its single sign-on capabilities and for secure authentication.

The feature I like the most above the product stems from the fact that the tool allows for integrations. One can integrate multiple applications with the product's single sign-on capabilities, meaning with a single username and password, you can access multiple applications. If you have 50 applications, then you need not provide a y different username and password to log individually into each application. With the single sign-on capabilities, you can log in to multiple applications using Okta Workforce Identity. Okta Workforce Identity can be used to deal with configurations and several integrations. One can access multiple applications without having to provide multiple usernames and passwords. You don't need to remember multiple usernames and passwords when you have Okta Workforce Identity. Okta Workforce Identity also provides security to its users by providing MFA features. There are also a lot of workflows available in the product, which can be beneficial for users.

The high cost of the product is an area of concern where improvements are required.

I have been using Okta Workforce Identity for a few months. I have just started to work with the product, and so I don't have much exposure to it.

Stability-wise, I feel it is one of the top most products in the market. There are very few products in the market, like the ones from Azure which are similar to Okta, which offers some of the best solutions in the market.

It is a scalable solution. For each and every feature that our company uses in the product, there is a need to make payment to Okta, making the solution costly.

The solution's technical support is good.

I have not done the product's initial setup phase.

It is always beneficial to use the product since, with the single sign-on feature, users can also provide and get access via mobile app. If you are not able to access the product, you can do certain configurations with the help of automation. Everything is possible in the product with the help of its automation tools and monitoring policies.

The product's price is high. For each feature, a certain payment is required.

The product helps improve our company's employee onboarding process because the solution has integrations with multiple applications.

The single sign on capabilities of the product is one of the best, especially in terms of its ability related to configurations.

The product has an in-built MFA feature. When someone tries to sign in, the product asks for the authentication ID.

I recommend the product to others. It is one of the best products in the market. There are some people who use SailPoint instead of Okta Workforce Identity.

I rate the solution a nine out of ten.

Okta has recently built Okta Identity Engine (OIE). It has a lot more capabilities than the classic engines. The certificate-based system is one thing, and third-party tools like Intune and Jamf for iOS devices. There is a trust relationship between these device management tools, and that contributes to control over the end-user devices.

Scalacity was a company acquired by Okta, and its technology was integrated into Okta's Advanced Server Access (ASA) product.

Okta has introduced the Universal Directory. It has custom attribute capability and user permissions to read/write on their profiles or hide them. Profile sources and identity profile sourcing are two different components that I haven't seen in other products.

Okta can import many attributes into the Okta profile and send attributes from the engines. Multiple sources of truths and profile inheritance are done in granular ways. This plays a major role in ABACs going forward.

Okta's MFA features are good. Okta is looking forward with more on the push or less, relying on the Okta Verify factors. It also has extensive capabilities. It's adopting a layer-by-layer upgrade in developing the policies, like MFAs.

Okta has more when it comes to the policy level. It has distinctive features where you can do a mix and combination to have users access applications for various business cases. That's something unique and a selling feature.

Okta has a limitation with directory integrations. If you have multiple Active Directory integrations, the user distinguished name (DN) and the manager DN don't get imported properly into the Okta user profile. It has a property of Get AD user's property, but that has limitations when writing an expression language to import changes or updates to user DNs or manager DNs from AD, especially if you have AD master users.

Also, Okta doesn't have a partial push. It pushes down the full profile schema for lifecycle management or provisioning. Even if only one attribute gets updated, even though it is unmapped, it can override other values in the downstream application by nullifying the query. That's the biggest flaw in my experience.

The product releases a lot of brand-new features within the quarterly releases.

It's definitely the leading Identity Access Management cloud platform. I have experience with Okta for almost six to eight years now.

I've been an Okta-certified consultant since last year. I got an opportunity to work on the workforce as well as the customer side.

I have experience with more than eight Okta tenants parallelly due to various business cases across my career. Ultimately, this product itself is a pioneer in Identity Access Management.

Scalability works very well. I've worked so far with Okta. It's like the heartbeat of that company. If Okta goes down, people are unable to authenticate anywhere. They can't get into applications. So there's a lot of dependency on Okta within the businesses and environments that I've seen so far. It's very critical.

The customer service and support are awesome. They have a CSM assigned for each organization, and they are pretty much responsive to any events that occur. Or if there are any escalations or incidents that impact the business, they're pretty much around in a timely fashion to support the organization.

We have the flexibility with our CSMs to reach them in any manner, email or phone, and they're available most of the time.

Positive

We have long relationships with other vendors for things like Identity Governance and Privileged Access Management. But one thing I've noticed is that Okta has been expanding into wider ranges. 

But, there are limits and restrictions to the existing features, which are not fully developed yet. Okta have added a lot of tech in the last couple of years.

I'm not a hundred percent sure about the return of interest because it is very much dependent on the size of the organization.

I came from smaller organizations working, like, midscale to, like, large scale. So overall, like, the security breach, like, there are, like, two to three security breaches that have happened, but nothing has been damaged so far for the organization.

So, investing more in Identity access management is a critical investment for any operation as applications are moving to like cloud and SaaS-based. So, there is a dire need to protect the digital identities of enterprise tech employees as well as their customers.

There are a lot of features you can automate. Okta Workflows is a key feature that has a separate pricing than adaptive MFA or SSO. It's a combination, but Okta has features and capabilities to reduce the IT burden. Within my experience, it's been helpful so far with a lot of overhead work that comes with onboarding and offboarding.

The pricing itself is a bit more expensive than the other products in the market so far. Since I know the product is in full demand. But, again, the price texture, features, and everything suits well for small to medium.

But, for larger organizations, it's more expensive than the other platforms. But, usually, licensing is a bit expensive.

I definitely recommend Okta. It has all the features you can utilize to protect any organization's digital entities. Considering a lot of other factors, like cost and the overall features the company wants to use. If you want to use Identity Governance, Identity Access Management, or Privileged Access Management, that's a different story. It's also a different story if you're using other products for different needs.

Overall, I would rate the solution an eight out of ten.