Okta Workforce Identity Reviews

We use it for API authentication, on-premises clusters as well as cluster access, and cloud cluster access.

We did not have a unified mechanism for accessing resources or a secure way of accessing resources, and Okta solved that problem for us.

One of the features that I have found to be very valuable is its interoperability and compatibility with all types of resources, whether it's networking, infrastructure, or applications. That is, it is compatible as well as interoperable, as far as the federated authentication is concerned.

It's not compatible with on-premises installations, unless you host it as a SaaS. We were not able to do that. For example, imagine a scenario where the cloud is not available. Then, Okta will not work for you. That use case will readily fail because it doesn't have an on-premises installation that you can use to authenticate or provide identity and access management. If you have a purely on-premises solution that is not connected to the internet, then this will not work. This is one area that can be improved.

I would also like to see more intelligent analysis of the identity and access management from Okta.

We have been using it for the last seven years.

It is fairly stable. However, because it's a SaaS solution, it needs to have connectivity. If the connectivity is down, then Okta Workforce Identity will be down as well.

This is one of the pluses that Okta has. It's easily scalable, both horizontally and vertically.

Right now, we have about 3,500 users.

There was one minor hiccup with technical support, but other than that, the support has been pretty good. I would give them a nine out of ten.

Positive

We used ForgeRock, and we switched to Okta mainly because of the flexibility that Okta provides.

ForgeRock requires on-premises maintenance. Because most of our applications are now on the cloud, Okta is more user-friendly in that sense.

A couple of years ago, it was 70/30, 70 being on-premises. That's why ForgeRock was the choice. However, it's flipped now to 30/70, and Okta is more useful.

We still use ForgeRock because you can do an on-premises hosting for ForgeRock. Okta doesn't have that capability.

The initial setup is very straightforward; it's a very simple setup. There are some areas for which you need some skills. If you have an SOP, you can just follow it. I would give it a four out of five.

We have three people assigned to the solution for deployment and maintenance.

We deployed it using an in-house team. The initial setup did not take much time; it took about one to three weeks.

Okta has fairly competitive pricing.

We evaluated some native cloud services, like AWS and Azure before choosing Okta Workforce Identity. 

We also looked at IBM ISAM, IBM Security Access Management, and Oracle ISAM, but they're very rigid products. That's why we went for Okta. They don't have any flexibility, and the cost was also very high compared to that for Okta.

If your use case is multi-cloud data centers and hybrid cloud architecture, Okta is a solution to go to. It's fairly easy to implement as well. It has federated identity and access management, and it works very well with any type of identification authentication. However, if you have on-premises data centers where there are connectivity problems, then it would be better to avoid Okta.

I would rate Okta Workforce Identity at eight on a scale from one to ten because I've found it easy to implement and easy to learn. That is, the onboarding or the learning curve is less. It also has federated identity and access management mechanisms, where you can apply the various resources and workloads that you have. Also, it has very good interoperability and compatibility. It can easily scale too.

I am using Okta Workforce Identity for identity access management.

Okta Workforce Identity has helped improve our organization by providing customer identity management, customer onboarding, customer identity stores, workforce provisioning. Additionally, single sign-on is one of the primary functions that has been a benefit.

Okta Workforce Identity could improve provisioning it can be made simpler.

They are implementing in one of the newer releases certification, attestation, and some role-mining abilities, but I don't know how far along that's going to be. That's a statement that they said they are going to have in the future.

I have been using Okta Workforce Identity for approximately three years.

Okta Workforce Identity is scalable.

The scalability of Okta Workforce Identity is great. It's a SaaS solution the scalability is one of the built-in expectations with it. It can scale, even though I don't scale it personally with any of the companies I worked with, it can potentially scale to support millions. It's easily scalable.

I rate the support from Okta Workforce Identity a four out of five.

I have previously used Oracle Access Management, Microsoft Azure Active Directory, and ADFS. Those would be the major ones. I've been introduced to small ones, such as PingFederate, but I never used those heavily.

We switched solutions because of the architectural design. We chose Okta Workforce Identity for external customers, it's a customer identity platform that we decided to go with.

The initial setup of Okta Workforce Identity is straightforward. I was able to get an environment ready within half a day.

I rate the initial setup experience of Okta Workforce Identity a four out of five. 

I have used an integrator and have done the implementation myself for Okta Workforce Identity.

Okta Workforce Identity scales up by the user, and then by the service that you're purchasing.

The solution is not the cheapest but not the most expensive. They are in the middle rating.

I rate the price of Okta Workforce Identity a three out of five.

I rate Okta Workforce Identity an eight out of ten.

Our organization only uses Okta for single sign-on. Everybody is working from home, so we need a multi-factor authentication solution for remote users. We have around 70,000 users. 

Okta integrates well with other solutions. Once you have integrated an application into Okta and onboarded a user, they will be onboarded for just-in-time provisioning. 

The error logging could be improved. Okta doesn't provide enough details when you are troubleshooting an issue. It's often difficult to fix it from our end, so we always need additional support from Okta.

I have worked with Okta for two years.

I rate Okta six out of 10 for stability. We don't see many bugs, but the product doesn't support some of our custom requirements. We have to submit feature requests that they implement later. 

I rate Okta six out of 10 for scalability. In January, they were doing something on their side, and a cell was down. The US was completely down, and most users had problems logging into. Okta confirmed that auto-scaling was not happening properly from their end.

I rate Okta support eight out of 10. 

Positive

The company used RSA before I joined. I believe they switched because they preferred a SaaS platform, and RSA was late to adopt this model. RSA is excellent as an on-prem solution, but they didn't transition to the cloud until later. 

I rate Okta eight out of 10 for ease of setup. It's a SaaS product. You can configure it in a few hours. It takes additional time if you use on-prem agents. Active Directory has some other agents that must be integrated. It will take additional time. Otherwise, it won't take much time. You need three people at most to deploy it. Usually, one person deploys the solution, and two other people are on standby. 

I rate Okta Workforce Identity eight out of 10. 

We use the solution for our single sign-on applications. It resolves password issues.

We use it for authentication and 90% of our SaaS app. 

We use it for on and off-boarding users. It syncs with our on-premises master directory to set them up and take them off.

We like that the solution helps us to streamline multifactor authentication.

It's got great SSO and good provisioning and de-provisioning. 

The product is easy to set up. 

It is stable.

The solution can scale very well.

I've been pleased with its capabilities overall. 

Support could be a bit faster.

I've used the solution for five years. 

The solution is stable. I'd rate its reliability ten out of ten. 

It's extremely scalable. It'd rate the solution's ease of expansion ten out of ten. 

We have 1500 users on the solution currently.

Support is good. However, sometimes it takes them a bit longer to deal with issues. 

Positive

We previously used a different solution. We moved to Okta as the GUI is very user-friendly, and the solution is simple to use. 

The initial setup is very easy. It's not complex. 

The deployment took a matter of three to four days for our hybrid setup.

K+Okta's team helped us deploy the solution. They made it very easy.

We have gotten an ROI in terms of time savings. We've seen 20% to 30% ROI, as it is saving us a lot of time. 

The pricing is a bit expensive. I'd rate it four out of ten in terms of affordability. It's a bit more expensive than our older solution.  

Okta charges per user, and that can make it costly if you are a big company.

We are customers and end-users. 

I'm using the latest version of the solution. 

I'd rate the solution eight out of ten. The pricing is a bit high, and they do charge per user. There are other options that are a bit less expensive. 

SSO and MFA: To extend Identity Authentication on the existing IAM identity and account operations to the multiple domains for administrative and help desk personnel. Improve consistency of the identity management processes across the organization and improve compliance with governance mandates.

The access management with Okta revolves around the establishment of a single authentication store (reducing the number of accounts), which will allow the migration of existing applications to federations, or a common identity store. It will also establish a suite of centralized authentication services that can be used for future applications and systems platforms.

• Enabled MFA to access federated applications as well as increased user satisfaction through improved provisioning times and more reliable processes. 
• Reduced costs associated with paying for AD accounts for customers who use corporate applications (currently 4000+ customer IDs exist within the AD forest – these require a license at a substantial cost to the organization). 
• Increased productivity through centralization of IAM Authentication - Authorization operations to a single tool (ISIM), and better operational resiliency with distributed administration (Common tasks can now be handled by a more diverse set of individuals across the organization.

SSO and MFA for improved end-user experience, and protection against password spray attacks, account password self-service. Extend Identity Authentication and authorization management operations. Extend the existing IAM identity and account operations to divisional administrative and help desk personnel. This improves the consistency of the identity management processes across the organization. Obfuscating the AD account infrastructure from the application infrastructure to reduce risk and vulnerabilities associated with tying externally facing applications to corporate accounts.

• Passwordless authentication. 
• Integration with the user provisioning infrastructure to track all entitlement changes; simplify the modeling of the role and access definitions at every stage of the user life cycle.  
• Automation of the entire entitlement and role review process, in alignment with business needs and requirements as stated by business leaders and managers. 
• Oversight in the form of dashboards reconciling and centralizing information for immediate insight into the status of access reviews and certification processes.

3 years.

They work really well.

I did not have another access management solution in place prior to implementing.

It was straightforward for access management with SSO and MFA. It was complex to implement password synchronization between AD domains.

We implemented directly with the solutions provider.

We evaluated IBM Access Manager but decided to go with a cloud-based product.

My primary use case is to have a single sign-on and to have identity access management. I'm the team management manager and we are customers of Okta. 

Having a single sign-on to all our applications.

With the device applications, when you are checking the logs, you can't hide the device and that's a feature that's missing. I'd like to see MDM source added. 

I have used this solution for a year. 

The solution is good on scalability and stability. 

The company has very good tehnical support and they respond quickly. 

The initial setup wasn't so easy but it wasn't too complex either. We had assistance from Okta for the installation. Implementation didn't take long, maybe two or three days but we had some issues with some applications, and we had to postpone our deployment for about two months because of that. There's no maintenance required. We have about 300 users dealing with the solution in the company and it's used daily. We have no plans to increase usage for now.

I think the approximate cost for the license is somewhere between $20,000-$21,000 a year and that includes everything. 

I think this is a good solution, I would recommend it. 

I would rate this solution an eight out of 10. 

Okta Workforce Identity is easy to use and has a lot of components.

The product's connector framework needs improvement. There should be automated aggregation and complete classification processes included in it.

We have been using Okta Workforce Identity for five months.

It is a stable product.

It is a scalable product. It provides flexibility to increase the number of users. Our customer environment has 5000 to 6000 users.

The initial setup is straightforward. We deploy it on the cloud. The product has good documentation to refer to for implementation. We require two engineers and one manager to execute the process.

The product has a user-based license model.

We evaluated SailPoint, IBM, and Oracle. Our customer migrated from Okta to IBM for more features.

I rate Okta Workforce Identity a five out of ten. If you don't have critical use cases and do not want a full-fledged IGA solution, Okta is a good product. However, if you want to use certification, access requests, and an extensive connector framework, Okta does not provide it.

Workforce is used to both manage our identities with multi-factor authentication for the users and it's also used to handle workflow, so onboarding and offboarding, et cetera.

They work well if they're set up properly.

The initial setup is easy. It's also easy to use.

We find the solution to be stable.

The pricing is okay.

There is very little maintenance required. 

We've not come across anything missing. It's under continual improvement. It is actually very good. We've not had any problems with Okta. I'd have to think hard to find anything that was badly implemented.

The stability is good. There are no bugs or glitches. It doesn't crash or freeze. It's reliable. The performance is good.

The initial setup is pretty easy. It is very simple to set up initially and it takes a couple of hours. The multi-factor authentication is simple too and can be turned on as required. The one that takes the most effort is SAML, which is the integration with the service providers. That's full-service integration and that's because a lot of service providers do it all their own way. You have to work with each of them as they come up.

In terms of how many people you need to maintain the product, it depends on how you do it. We're managing it for a couple of customers, and it's just me. However, what I've done is, I've put an API, used the API, and put a front end on that to make it easy to do the onboarding and offboarding. I don't deal with the day-to-day issues, that's done by the HR department.

The client actually installed it. We helped as well, however, as I said, the client handled most of it.

The pricing seems very reasonable. None of the customers have complained about it.

We're using the most up-to-date version of the solution.

As far as Okta is concerned, it's deployed in the cloud.

They're a complex software provider. They're a software as a service, software provider. They have a training service, they have a university, they have a community, and they also use it for outbound marketing.

We've implemented it for the clients and they're quite happy with it.

We're a reseller and integrator. We sell the service and do the implementation, and we're also a user ourselves.

I'd rate the solution a nine out of ten.

I'd advise new users to make sure that you implement it properly. If you buy the service and don't implement it properly, you'll never get the benefits from it. They need to make sure that you are monitoring the logs as well as that tells you if someone's doing anything they shouldn't be doing.

The journey for us is towards Zero Trust. We start with multi-factor authentication, and good password policies, and think about moving to fully integrated, where you can. That's SAML, their integration protocol, or Open ID. The next step is to think about how to make sure that all services, internal and external, are authenticated. Zero Trust implementation is where the world has to go