We use Okta Workforce Identity for single sign-on (SSO).
Associate Security Architect at Tech Mahindra Limited
Has good provisioning and de-provisioning features
Pros and Cons
- "One of the most beneficial features of the solution is the user provisioning and the de-provisioning feature."
- "The solution's user interface needs to be improved and made easy."
What is our primary use case?
What is most valuable?
One of the most beneficial features of the solution is the user provisioning and the de-provisioning feature. With the solution's universal directory, you can have all the user attribute information in one place. You can store it on Okta instead of in multiple places like your AD, applications, or different IdPs. You can get all the user attribute data onto your Okta, and then you can customize it. Okta allows you to modify the user attributes, which is also one of the useful features of Okta Workforce Identity.
Because it's a password-less authentication for personal sign-on, users don't need to use a password for it. That's how Okta comes into the picture, where it identifies the user based on the certificates for authentication. In that way, it also doesn't reveal the user identity to the applications if there is a man-in-the-middle (MITM) attack.
Okta Workforce Identity uses the System for Cross-domain Identity Management (SCIM) protocol for provisioning and de-provisioning. That is also one of the benefits of having your application's functionality on a platform like Okta Workforce Identity. It's easy from an admin point of view because when you de-provision a user on Okta, it will remove all the access from the respective applications without needing anything at the application level.
Because it's a cloud-based platform, installing the agents is the only integration you need to do in your current environment. You can have their agents installed on your Active Directory servers.
The integration is quite easy for other cloud applications. They have their own catalog of all the applications you can search and integrate. Applications like Microsoft Office 365 and Salesforce are already hosted on Okta. It's just a matter of configuring the applications with your company's metadata into your applications.
What needs improvement?
The solution's user interface needs to be improved and made easy. It has a lot of repetitive things. The solution should have a single pane of interface for admins.
For how long have I used the solution?
I have been using Okta Workforce Identity for six months.
Buyer's Guide
Okta Workforce Identity
November 2024
Learn what your peers think about Okta Workforce Identity. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
823,875 professionals have used our research since 2012.
What do I think about the stability of the solution?
I rate Okta Workforce Identity an eight out of ten for stability.
What do I think about the scalability of the solution?
Since it's a cloud-based platform, I haven't faced any scalability issues with Okta Workforce Identity. Our clients for Okta Workforce Identity are enterprise businesses.
I rate the solution an eight out of ten for scalability.
How are customer service and support?
The solution's technical support depends on the service level. Okta has certain packages, like gold or silver levels. If you have a silver-level agreement with Okta, you can get the right support at the right time.
How would you rate customer service and support?
Neutral
How was the initial setup?
On a scale from one to ten, where one is difficult and ten is easy, I rate the solution's initial setup an eight out of ten.
What other advice do I have?
Okta Workforce Identity is one of the market's leading and stable identity solutions.
Overall, I rate the solution an eight out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Partner channel manager at Inactic
Offers user-friendly features associated with area like SSO and MFA
Pros and Cons
- "Stability-wise, I rate the solution a ten out of ten."
- "The product does not offer enough integration capabilities."
What is our primary use case?
I am just an end user of the product, so I don't know how the product is used in remote force management in our company. I use the product to help me log on to our company's security systems.
What is most valuable?
When I was traveling, I could get my OTPs through the tool's app, through my cell phone number or via an SMS,which makes it a flexible product. The tool is helpful even in areas involving emails. It is possible to use the product in another country and add an extra layer of security to it, proving that it can be a really secure platform.
What needs improvement?
I use the tool at a low level, so it does what I need it to do for me.
The product does not offer enough integration capabilities. I want the tool to provide more integration capabilities in the future.
For how long have I used the solution?
I have been using Okta Workforce Identity for two years.
What do I think about the stability of the solution?
Stability-wise, I rate the solution a ten out of ten.
What do I think about the scalability of the solution?
It is an easily scalable solution. When it comes to the scalability features, the product has many options for people in different countries, offices, and remote locations.
I believe that there are around 1,500 users of the tool in my company.
How are customer service and support?
I did contact the product's support team when my password got locked out. I could even reset the whole password from Okta easily through the tool's internal app. The support team was good.
How was the initial setup?
The product's initial setup phase is straightforward.
The solution is deployed on the cloud since it is used at a company-wide level in South Africa.
What about the implementation team?
Though I am not sure, I feel that during the implementation phase, my company did seek the help of a consultant and our organization's in-house team.
What was our ROI?
In terms of benefits offered by the product, I can say that the tool has centralized our company's security and internal policies while ensuring that we stay compliant so that the users stay protected. With the product in place, no phishing attacks or any other types of attacks can cause a problem since it is a secure platform.
What's my experience with pricing, setup cost, and licensing?
Though I don't know about the licensing model of the product, I wouldn't be surprised if Okta offers a per user license subscription model.
What other advice do I have?
The employee onboarding process is okay if you use Okta Workforce Identity.
The SSO feature offered by the product is good, easy to use, and user-friendly. The tool also has a password manager as well.
The tool's MFA part comes as one of the strongest features of the product.
I feel that it is a good platform with a good security layer, especially when you are scaling out your business, and you have to manage a lot of areas.
I ate the tool a ten out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Apr 10, 2024
Flag as inappropriateBuyer's Guide
Okta Workforce Identity
November 2024
Learn what your peers think about Okta Workforce Identity. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
823,875 professionals have used our research since 2012.
Service Delivery Manager at Cambridge Technology Enterprises (CTE)
Has multi-factor authentication and 99.9% service availability
Pros and Cons
- "We can automate the process of adding users to Okta if they are activated in Active Directory, or if they are added to the database of applications or Active Directory in the last couple of days."
- "The training is too costly."
What is our primary use case?
Okta provides island access management solutions, which means that anyone who needs an IIM solution can get it through Okta. For example, if you have 30-40 applications and users that need to log in to all of them, Okta can integrate all of the applications into a single point of access where users can log in once and use the same session for all of their applications. Okta also provides multi-factor authentication and other security policies to protect your users and applications.
What is most valuable?
We have multiple SSO protocols that we use for our different data centers. This is just one example of how we use Okta workforce identity to address our hybrid workforce needs. Apart from SSO, we also have Active Directory integrations that allow us to integrate with customer active directories and use active directory passwords for application sign-in and runtime authentication. This is called daily header authentication. This allows us to provide a centralized identity management platform for our users, regardless of where they are located or what applications they need to access. We can automate the process of adding users to Okta if they are activated in Active Directory, or if they are added to the database of applications or Active Directory in the last couple of days.
What needs improvement?
Currently, it has two-factor authentication. In addition to biometrics, it should offer three-factor authentication. Also, the training is too costly. Okta could reduce the training cost to make it easier.
For how long have I used the solution?
I have been using Okta Workforce Identity as a service provider for four years.
What do I think about the stability of the solution?
I rate the solution’s stability a ten out of ten.
What do I think about the scalability of the solution?
The solution’s scalability is huge. It has 99.9% service availability. We cater this solution to enterprises. I rate the solution’s scalability a ten out of ten.
How was the initial setup?
The initial setup is easy. Once you understand the steps, it's straightforward. There are three steps: enrolling users, removing tenants, and updating field metadata from outside the application and SaaS integration. Deployment depends on the number of occasions, testing, and the users. If you have 30,000 users, you will need two months. I rate the initial setup a ten out of ten.
What other advice do I have?
The solution is suitable for everyone, but it is locked up for a total number of years. Overall, I rate the solution a ten out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer:
Global Leader - Application Operations & Operational Excellence at a manufacturing company with 10,001+ employees
Identity access enhancement with good support and an easy setup
Pros and Cons
- "The most valuable feature is the identity access authentication."
- "There is a need for Okta to provide an end-to-end solution without needing a separate product like Zscaler for multifactor authentication."
What is our primary use case?
The solution is used to eliminate a VPN, provide identity authentication, and single sign-on (SSO). We use Zscaler authentication to manage endpoint logins, endpoint report management, and single sign-on for applications.
What is most valuable?
The most valuable feature is the identity access authentication.
What needs improvement?
There is a need for Okta to provide an end-to-end solution without needing a separate product like Zscaler for multifactor authentication. Additionally, Okta should enhance its endpoint defensive capabilities, as we currently use BeyondTrust for Elevator Access Management.
For how long have I used the solution?
I have been working with Okta Workforce Identity for four years.
What do I think about the stability of the solution?
The solution is rated as a nine in terms of stability.
What do I think about the scalability of the solution?
Okta is not designed fully for scalability.
How are customer service and support?
Okta provides good support. While we are unable to have it in-house, we can raise a ticket, and they support us well.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We utilize Okta and Zscaler for multifactor authentication.
How was the initial setup?
The setup process is very user-friendly and has no issues.
What about the implementation team?
Our internal team underwent training materials and configured the implementation successfully.
What's my experience with pricing, setup cost, and licensing?
The pricing is very high, which is an area for improvement.
What other advice do I have?
I recommend Okta Workforce Identity to others, particularly for mid-sized and large enterprises.
I'd rate the solution nine out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Last updated: Oct 15, 2024
Flag as inappropriateIT Lead at 0
Integrates multiple applications with its single sign-on capabilities
Pros and Cons
- "The solution's technical support is good."
- "The high cost of the product is an area of concern where improvements are required."
What is our primary use case?
I use the solution in my company for its single sign-on capabilities and for secure authentication.
What is most valuable?
The feature I like the most above the product stems from the fact that the tool allows for integrations. One can integrate multiple applications with the product's single sign-on capabilities, meaning with a single username and password, you can access multiple applications. If you have 50 applications, then you need not provide a y different username and password to log individually into each application. With the single sign-on capabilities, you can log in to multiple applications using Okta Workforce Identity. Okta Workforce Identity can be used to deal with configurations and several integrations. One can access multiple applications without having to provide multiple usernames and passwords. You don't need to remember multiple usernames and passwords when you have Okta Workforce Identity. Okta Workforce Identity also provides security to its users by providing MFA features. There are also a lot of workflows available in the product, which can be beneficial for users.
What needs improvement?
The high cost of the product is an area of concern where improvements are required.
For how long have I used the solution?
I have been using Okta Workforce Identity for a few months. I have just started to work with the product, and so I don't have much exposure to it.
What do I think about the stability of the solution?
Stability-wise, I feel it is one of the top most products in the market. There are very few products in the market, like the ones from Azure which are similar to Okta, which offers some of the best solutions in the market.
What do I think about the scalability of the solution?
It is a scalable solution. For each and every feature that our company uses in the product, there is a need to make payment to Okta, making the solution costly.
How are customer service and support?
The solution's technical support is good.
How was the initial setup?
I have not done the product's initial setup phase.
What was our ROI?
It is always beneficial to use the product since, with the single sign-on feature, users can also provide and get access via mobile app. If you are not able to access the product, you can do certain configurations with the help of automation. Everything is possible in the product with the help of its automation tools and monitoring policies.
What's my experience with pricing, setup cost, and licensing?
The product's price is high. For each feature, a certain payment is required.
What other advice do I have?
The product helps improve our company's employee onboarding process because the solution has integrations with multiple applications.
The single sign on capabilities of the product is one of the best, especially in terms of its ability related to configurations.
The product has an in-built MFA feature. When someone tries to sign in, the product asks for the authentication ID.
I recommend the product to others. It is one of the best products in the market. There are some people who use SailPoint instead of Okta Workforce Identity.
I rate the solution a nine out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Jun 14, 2024
Flag as inappropriateArchitect at a tech services company with 1-10 employees
Offers universal directory that offers custom attribute capability and user permissions to read/write on their profiles or hide them
Pros and Cons
- "Okta has introduced the Universal Directory. It has custom attribute capability and user permissions to read/write on their profiles or hide them. Profile sources and identity profile sourcing are two different components that I haven't seen in other products."
- "Okta doesn't have a partial push. It pushes down the full profile schema for lifecycle management or provisioning."
What is our primary use case?
Okta has recently built Okta Identity Engine (OIE). It has a lot more capabilities than the classic engines. The certificate-based system is one thing, and third-party tools like Intune and Jamf for iOS devices. There is a trust relationship between these device management tools, and that contributes to control over the end-user devices.
Scalacity was a company acquired by Okta, and its technology was integrated into Okta's Advanced Server Access (ASA) product.
What is most valuable?
Okta has introduced the Universal Directory. It has custom attribute capability and user permissions to read/write on their profiles or hide them. Profile sources and identity profile sourcing are two different components that I haven't seen in other products.
Okta can import many attributes into the Okta profile and send attributes from the engines. Multiple sources of truths and profile inheritance are done in granular ways. This plays a major role in ABACs going forward.
Okta's MFA features are good. Okta is looking forward with more on the push or less, relying on the Okta Verify factors. It also has extensive capabilities. It's adopting a layer-by-layer upgrade in developing the policies, like MFAs.
Okta has more when it comes to the policy level. It has distinctive features where you can do a mix and combination to have users access applications for various business cases. That's something unique and a selling feature.
What needs improvement?
Okta has a limitation with directory integrations. If you have multiple Active Directory integrations, the user distinguished name (DN) and the manager DN don't get imported properly into the Okta user profile. It has a property of Get AD user's property, but that has limitations when writing an expression language to import changes or updates to user DNs or manager DNs from AD, especially if you have AD master users.
Also, Okta doesn't have a partial push. It pushes down the full profile schema for lifecycle management or provisioning. Even if only one attribute gets updated, even though it is unmapped, it can override other values in the downstream application by nullifying the query. That's the biggest flaw in my experience.
The product releases a lot of brand-new features within the quarterly releases.
For how long have I used the solution?
It's definitely the leading Identity Access Management cloud platform. I have experience with Okta for almost six to eight years now.
I've been an Okta-certified consultant since last year. I got an opportunity to work on the workforce as well as the customer side.
I have experience with more than eight Okta tenants parallelly due to various business cases across my career. Ultimately, this product itself is a pioneer in Identity Access Management.
What do I think about the stability of the solution?
What do I think about the scalability of the solution?
Scalability works very well. I've worked so far with Okta. It's like the heartbeat of that company. If Okta goes down, people are unable to authenticate anywhere. They can't get into applications. So there's a lot of dependency on Okta within the businesses and environments that I've seen so far. It's very critical.
How are customer service and support?
The customer service and support are awesome. They have a CSM assigned for each organization, and they are pretty much responsive to any events that occur. Or if there are any escalations or incidents that impact the business, they're pretty much around in a timely fashion to support the organization.
We have the flexibility with our CSMs to reach them in any manner, email or phone, and they're available most of the time.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We have long relationships with other vendors for things like Identity Governance and Privileged Access Management. But one thing I've noticed is that Okta has been expanding into wider ranges.
But, there are limits and restrictions to the existing features, which are not fully developed yet. Okta have added a lot of tech in the last couple of years.
What was our ROI?
I'm not a hundred percent sure about the return of interest because it is very much dependent on the size of the organization.
I came from smaller organizations working, like, midscale to, like, large scale. So overall, like, the security breach, like, there are, like, two to three security breaches that have happened, but nothing has been damaged so far for the organization.
So, investing more in Identity access management is a critical investment for any operation as applications are moving to like cloud and SaaS-based. So, there is a dire need to protect the digital identities of enterprise tech employees as well as their customers.
There are a lot of features you can automate. Okta Workflows is a key feature that has a separate pricing than adaptive MFA or SSO. It's a combination, but Okta has features and capabilities to reduce the IT burden. Within my experience, it's been helpful so far with a lot of overhead work that comes with onboarding and offboarding.
What's my experience with pricing, setup cost, and licensing?
The pricing itself is a bit more expensive than the other products in the market so far. Since I know the product is in full demand. But, again, the price texture, features, and everything suits well for small to medium.
But, for larger organizations, it's more expensive than the other platforms. But, usually, licensing is a bit expensive.
What other advice do I have?
I definitely recommend Okta. It has all the features you can utilize to protect any organization's digital entities. Considering a lot of other factors, like cost and the overall features the company wants to use. If you want to use Identity Governance, Identity Access Management, or Privileged Access Management, that's a different story. It's also a different story if you're using other products for different needs.
Overall, I would rate the solution an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: May 13, 2024
Flag as inappropriateSenior IT Engineer at Instawork
A stable and scalable tool that allows for application control on a single console
Pros and Cons
- "It is a very stable solution."
- "The only area of concern in the solution stems from the fact that my company needs some help regarding the setup phase from a partner."
What is our primary use case?
I use Okta Workforce Identity in my company since it supports single sign-on (SSO).
Okta Workforce Identity is good for helping control all applications in one console.
What is most valuable?
The most valuable feature of the solution stems from the fact that one can create a lot of workflows with the product while also being able to add Jamf software. One can also add a lot of applications with Okta Workforce Identity so that employees can use and access them from a single console. During employees' onboarding or offboarding processes, it is very easy to activate and deactivate their access.
What needs improvement?
The only area of concern in the solution stems from the fact that my company needs some help regarding the setup phase from a partner.
For how long have I used the solution?
I have been using Okta Workforce Identity for five years. My company is a customer of Okta.
What do I think about the stability of the solution?
It is a very stable solution.
What do I think about the scalability of the solution?
It is a scalable solution.
Around 1,000 people in my company use Okta Workforce Identity. Whatever accesses we provide in our company are provided through Okta.
How are customer service and support?
Whenever my company has raised a ticket with Okta's support team, we always receive immediate support. I rate the technical support a ten out of ten.
How would you rate customer service and support?
Positive
What about the implementation team?
For the initial setup phase of Okta Workforce Identity, you need a person from Okta to help you. In general, you may require Okta's partner's help with the initial setup phase.
What's my experience with pricing, setup cost, and licensing?
Price-wise, Okta Workforce Identity is a cheap solution. The overall cost depends on the license since you can negotiate with Okta or any of Okta's partners only if you opt for many licenses.
What other advice do I have?
I have not seen any disadvantages in Okta Workforce Identity. From whatever I have seen and experienced, I can say that Okta Workforce Identity is a good tool.
If you have more than 500 or 1,000 employees in your company with limited IT personnel, then you can use Okta Workforce Identity since it allows you to give access to your employees with just one console. If any employees decide to leave the organization, then it is very easy to deactivate or remove their access from your network. Okta Workforce Identity helps save bandwidth and time.
Once you get the console, it is very easy to access or add applications, reset the password for users, and reset the authenticator. If you have access to KT or knowledge transfer, it is very easy to understand Okta Workforce Identity.
I rate the overall solution a ten out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Director - Principal Architect at a computer software company with 5,001-10,000 employees
Is compatible and interoperable, and easy to implement, learn, and scale
Pros and Cons
- "One of the features that I have found to be very valuable is its interoperability and compatibility with all types of resources, whether it's networking, infrastructure, or applications. That is, it is compatible as well as interoperable, as far as the federated authentication is concerned."
- "It's not compatible with on-premises installations, unless you host it as a SaaS. We were not able to do that. For example, imagine a scenario where the cloud is not available. Then, Okta will not work for you. That use case will readily fail because it doesn't have an on-premises installation that you can use to authenticate or provide identity and access management. If you have a purely on-premises solution that is not connected to the internet, then this will not work. This is one area that can be improved."
What is our primary use case?
We use it for API authentication, on-premises clusters as well as cluster access, and cloud cluster access.
How has it helped my organization?
We did not have a unified mechanism for accessing resources or a secure way of accessing resources, and Okta solved that problem for us.
What is most valuable?
One of the features that I have found to be very valuable is its interoperability and compatibility with all types of resources, whether it's networking, infrastructure, or applications. That is, it is compatible as well as interoperable, as far as the federated authentication is concerned.
What needs improvement?
It's not compatible with on-premises installations, unless you host it as a SaaS. We were not able to do that. For example, imagine a scenario where the cloud is not available. Then, Okta will not work for you. That use case will readily fail because it doesn't have an on-premises installation that you can use to authenticate or provide identity and access management. If you have a purely on-premises solution that is not connected to the internet, then this will not work. This is one area that can be improved.
I would also like to see more intelligent analysis of the identity and access management from Okta.
For how long have I used the solution?
We have been using it for the last seven years.
What do I think about the stability of the solution?
It is fairly stable. However, because it's a SaaS solution, it needs to have connectivity. If the connectivity is down, then Okta Workforce Identity will be down as well.
What do I think about the scalability of the solution?
This is one of the pluses that Okta has. It's easily scalable, both horizontally and vertically.
Right now, we have about 3,500 users.
How are customer service and support?
There was one minor hiccup with technical support, but other than that, the support has been pretty good. I would give them a nine out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We used ForgeRock, and we switched to Okta mainly because of the flexibility that Okta provides.
ForgeRock requires on-premises maintenance. Because most of our applications are now on the cloud, Okta is more user-friendly in that sense.
A couple of years ago, it was 70/30, 70 being on-premises. That's why ForgeRock was the choice. However, it's flipped now to 30/70, and Okta is more useful.
We still use ForgeRock because you can do an on-premises hosting for ForgeRock. Okta doesn't have that capability.
How was the initial setup?
The initial setup is very straightforward; it's a very simple setup. There are some areas for which you need some skills. If you have an SOP, you can just follow it. I would give it a four out of five.
We have three people assigned to the solution for deployment and maintenance.
What about the implementation team?
We deployed it using an in-house team. The initial setup did not take much time; it took about one to three weeks.
What's my experience with pricing, setup cost, and licensing?
Okta has fairly competitive pricing.
Which other solutions did I evaluate?
We evaluated some native cloud services, like AWS and Azure before choosing Okta Workforce Identity.
We also looked at IBM ISAM, IBM Security Access Management, and Oracle ISAM, but they're very rigid products. That's why we went for Okta. They don't have any flexibility, and the cost was also very high compared to that for Okta.
What other advice do I have?
If your use case is multi-cloud data centers and hybrid cloud architecture, Okta is a solution to go to. It's fairly easy to implement as well. It has federated identity and access management, and it works very well with any type of identification authentication. However, if you have on-premises data centers where there are connectivity problems, then it would be better to avoid Okta.
I would rate Okta Workforce Identity at eight on a scale from one to ten because I've found it easy to implement and easy to learn. That is, the onboarding or the learning curve is less. It also has federated identity and access management mechanisms, where you can apply the various resources and workloads that you have. Also, it has very good interoperability and compatibility. It can easily scale too.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Okta Workforce Identity Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Product Categories
Identity and Access Management as a Service (IDaaS) (IAMaaS) Single Sign-On (SSO) Authentication Systems Privileged Access Management (PAM) Access Management ZTNA as a ServicePopular Comparisons
Microsoft Entra ID
Workspace ONE UEM
SailPoint Identity Security Cloud
Omada Identity
Google Cloud Identity
Ping Identity Platform
JumpCloud
OneLogin by One Identity
IBM Security Verify Access
Silverfort
AWS Directory Service
Thales SafeNet Trusted Access
Axiad Conductor
Gluu Flex
Oracle Identity Cloud Service
Buyer's Guide
Download our free Okta Workforce Identity Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Which IDaaS solution do you prefer and why?
- Looking for an Identity and Access Management product for an energy and utility organization
- Is SSO safe?
- Which is the best Privileged Account Management solution?
- What are your best practices for Identity and Access Management (IAM) in the Cloud?
- Why is identity and access management (IAM) so important in preventing data breaches?
- What access management tools would you recommend to help with GDPR compliance?
- How to convince a client that Identity and Access Management (IdAM) is essential for risk elimination?
- What are the differences between LDAP and Active Directory?
- How is Zero Trust different from the Least Privileged model?