Okta Platform Reviews

I work for one of Norway's largest employers with 50,000 employees. This is Norway's largest retail chain and we use it for 30,000 workers in retail, 15,000 in warehousing, and 5,000 in the corporate environment. For all of these, onboarding is automated to the HR and we have an old CA, which is now called the Broadcom Identity Management Solution for provisioning into Okta Workforce Identity. In this solution, we take those 50,000 identities and we've now built a B2B portal so that vendors, producers of the stuff that is sold in these retail chains, can log on and do things like plan their shipments, have the accounting done, et cetera, et cetera. So there are about maybe 20,000 people, a total of 70,000 people in this identity space. Last but not least, is the PAM solution. So we have maybe 300 IT staff on shore and we have maybe 600 offshore. I haven't done the latest count, but around 1000 IT workers authenticate through Okta Workforce Identity but are then given access to the PAM solution because the PAM solution protects both our cloud environment and our on-prem environment. We use the cloud to get into the on-prem.

First of all, the solution is very simple. It's actually made for smaller companies. So working with it, I wouldn't say that anyone could do it, but everything can be expressed as groups and rules. 

The drawback of this solution is that in our shops, many staff members sometimes have to be borrowed from one shop to another and the solution does not really support having multiple roles. The user experience we would like to have when a person works in shop A which pays their salary is that they should have access to pretty much everything. Maybe you have somebody who is a manager in that shop A, he should be able to order new wear, he should be able to change the pricing, he should be able to empty the cash registry, and ship it to the bank. But when for instance, in COVID, people had to fill in for people in shops where a lot of people were sick, then they had to actually use user accounts of people that work in shop B. If you were employed in shop A, you could not work in shop B without borrowing somebody else's user ID and password. Which is really bad. We haven't been able to work around that and Okta Workforce Identity does not have a solution for it.

We are now piloting their identity governance solution. Obviously, it's easy to give somebody access, give them an account, and give them roles, but it's hard to maintain that. For example, if you moved from, say working in a shop to working in a warehouse. But why do you still have all this shop access? The solution has until now not had anything to really support the process of taking away access. But now we are in a better release program of Okta's identity governance solution. Although it's very basic, the solution has started on a journey, but identity governance is something that Okta Workforce Identity really needs to improve.

The ability or the options in the solution for changing the look and feel are not good enough because in our partner portal, essentially what they have is an ugly admin interface. The admin interface is good enough for us technical people because that's all we need. We work with the product and we're able to see the data but when it comes to presenting the service portal, Okta Workforce Identity does not have any capabilities really for making it look pretty. 

To add branding and different graphical user interface elements than Okta basic for essentially delegated admin for the business-to-business portal is horrifying because you're essentially using the tech admin. The only option we had and used, was to take the tech admin console and strip it. so that a vendor that has some goods that are sold in the shops, when they want to add a user on their side, say a driver or a packer on their side who should know how much they've packed in a truck to come to our warehouse, then the user interface that this vendor is using, these functional people will then have to use an extremely basic user interface.

I have been using the solution for three years.

The stability is fantastic and has never been down. I give the stability a ten out of ten.

The solution's cloud environment seems to be highly scalable. We haven't found any bottlenecks there. The only bottlenecks we found are within our own infrastructure.

The customer support guy for Okta in Europe, a relationship manager, used to be a friend of mine when I lived in Sydney, Australia. He worked for Sun Microsystems systems back then. Sun Microsystems was the best product in the IT industry. Now Okta Workforce Identity is the best in the identity industry. The solution is not perfect because it's meant to be high volume, simple functionality, and all the basics first. The point is they're now adding functionality and this is where the EMEA lead, he's been in this industry for 20 years just like me. And he's so good. The team that he has, again, the tech team that they have is fabulous. The tech team is on par with maybe the absolutely best tech team that I've ever experienced with CyberArk, but the Okta guys are brilliant.

Previous to using Okta Workforce Identity we used Oracle Access Manager and it was horrible. Oracle Access Manager didn't scale, it had a lot of bugs, and it was expensive. Oracle was charging obscene license fees for a product that was rubbish.

The initial setup is very easy. Building a new environment is easy because nobody is better than Okta Workforce Identity when it comes to deployment. I give the setup a ten out of ten for ease.

The implementation was completed in-house by our two engineers.

I give the solution an eight out of ten for return on investment. I would not give the solution a ten because our brand is hurting a little bit by having these non-customizable external interfaces. 

The licensing is per user per month and includes full technical support. I give the pricing a six out of ten. It's not a bad product for a high price like Oracle is. It's a good product for a fair price but It's not cheap.

I give the solution a nine out of ten.

The thing is you can build a deployment in a day. So creating a new environment is done overnight, 24 hours. But if you say, how long does it take for us to build the connection so that CA was able to give us the data we needed to fill the roles in the solution, and then get provisioning up to work with Azure AD, and the main applications, that took us six months. Not because of Okta Workforce Identity but because of all these interfaces. That's always the killer with identity implementations. The interfaces you need to speak with to get your source, your HR data, or partner data. Maybe the best example is the partner portal. That took one year but that was more to get what's the functionality, what's the user experience. Okta Workforce Identity for engineers is a pretty solution. 

There are over 70,000 people using this solution.

We also use Thycotic Secret Server for privileged access management. So for all the tech people that need to say take backup our ERP, warehousing applications or put a new feature in the warehousing applications or upgrade the point of sale system, all those tech people get access to Thycotic Secret Server. I think there are 1000 that are actually employed onshore and offshore by my employer. And another 1000 that are tech people that maintain switches, operating technology kind of equipment. So about 2000 people have Thycotic accounts. But 70,000 have user accounts and user access. With Okta Workforce Identity everything is included with the licensing fee. If you've ever seen an Oracle licensing agreement there are loopholes in there and so you end up paying for additional items above the Access Manager, for example, you also pay for the database that it runs on. With Okta Workforce Identity it's simple. You get what you pay for. No more, no less.

I understand that Okta Workforce Identity has chosen to go for simplicity first. And that complex functionality, which we, being a very large customer... There are not many like us. We have more difficult requirements than most. But to do the simple things so well that we don't have to worry about them means we can focus on the last 10% of requirements. That will always be hard. And that's why I think the solution does 90% of the requirements so well that you need to do every day, so we can focus on the remaining 10%, which may not even be an Okta Workforce Identity problem. It is just a problem that you end up with when you have a very large business with a user portfolio that is everything from server admin from India to a trucking company that needs access to the warehousing doors in another part of the world. Okta Workforce Identity from an access management point of view is a nine out of ten.

The solution is used to eliminate a VPN, provide identity authentication, and single sign-on (SSO). We use Zscaler authentication to manage endpoint logins, endpoint report management, and single sign-on for applications.

The most valuable feature is the identity access authentication.

There is a need for Okta to provide an end-to-end solution without needing a separate product like Zscaler for multifactor authentication. Additionally, Okta should enhance its endpoint defensive capabilities, as we currently use BeyondTrust for Elevator Access Management.

I have been working with Okta Workforce Identity for four years.

The solution is rated as a nine in terms of stability.

Okta is not designed fully for scalability.

Okta provides good support. While we are unable to have it in-house, we can raise a ticket, and they support us well.

Positive

We utilize Okta and Zscaler for multifactor authentication.

The setup process is very user-friendly and has no issues.

Our internal team underwent training materials and configured the implementation successfully.

The pricing is very high, which is an area for improvement.

I recommend Okta Workforce Identity to others, particularly for mid-sized and large enterprises.

I'd rate the solution nine out of ten.

We use Okta for identity and access management for our internal services, cloud services or applications (SaaS). We have a hybrid setup since we have a global workforce, so we unify our IAM services.

The most useful features of Okta for my organization are identity and access management, single sign-on, and the flexibility for hybrid setups. 

Okta enables multi-factor authentication, which enhances security, especially for SaaS applications. The integration capabilities of Okta are very flexible, with multiple protocols that can be integrated, especially for single sign-on. Any API can also be added, making it mature in terms of integrating with other identity providers, particularly Active Directory or Azure Entra ID.

Okta should have at least a local presense for countries that align with or comply with GDPR or data sovereignty, so there are no compliance or audit questions. There are integration issues with Office 365; such as groups not updating correctly in Okta. Okta should work on resolving them.

I have been in the organization for one year, and it has been more than three years now that Okta has been used.

As long as you have Internet connection, there are no issues with the stability. 

Okta is scalable and reliable, with no downtime or service disruption encountered over the years.

My team contacts Okta support for increased integration requirements. They are very supportive; they just open a ticket, and they support us very professionally.

Positive

The setup process is pretty straight-forward, having experience with different single sign-on (SSO) and identity access management, I can manage the setup process with ease. Okta provides clear guidelines and documentations as well.

Pricing for Okta is reasonably not that much, however,  I don't have access to the commercial aspect.

I recommend evaluating your environment first. If you have a global workforce or you need flexibility and higher visibility on your identity and access management (IAM) and SSO, Okta is a good solution. My total rating for Okta is ten out of ten.

In Okta Customer Identity, I primarily respond to application handling with around three thousand applications. This includes handling internal applications for permanent employees and third-party applications for contractors. I also work on certification renewal annually and the setup of SSO pages to enhance security.

The most valuable aspect of Okta Customer Identity is the server's reliability, especially for directory and node management. I set up different directories for traffic redirection, ensuring backup when a data center faces issues and maintaining seamless operations.

There is room for Okta Customer Identity to improve by increasing the reliability for the server end, creating more directories, and focusing on internal users rather than external or contract-based ones. Additionally, extending idle session times from ten milliseconds to at least forty-five seconds would be beneficial. It is also suggested that patches be applied annually rather than quarterly.

I have been working with Okta Customer Identity for nine months.

I would rate the stability of Okta Customer Identity as eight. It has allowed us to manage identity signals effectively, though some customers are resistant to certain procedures, making stability slightly challenging.

I rate the scalability of Okta at nine. I have a clear understanding of the architecture and processes involved, which allows for effective scaling to manage user privileges, application logins, and leveraging tools like Splunk for efficient data management.

We have a strong internal support system including application support, data center, and IDM teams. However, direct interaction with Okta's technical support is minimal as we typically manage internally.

Positive

Before using Okta Customer Identity, I did not utilize a different solution for these use cases.

The initial setup of Okta Customer Identity took about five hours and required a team of three.

We needed three people for deployment and now require about four people for maintenance, including rotations among five to six employees.

The pricing for Okta Customer Identity is very economical. It is much cheaper compared to Oracle Access Manager, and the company focuses on internal training to mitigate additional certification costs.

We evaluated Microsoft Azure as another option, but both Okta and Azure are quite similar in functionality.

Overall, I rate Okta Customer Identity as nine. Although there are some areas of improvement, its pricing and scalability make it a preferred choice for managing user identity and applications.

I have implemented a number of applications as far as accessing them through their IDPs. And they're an identity provider; they also provide some alternative active directory slash l dash services. And I have purchased those for getting user data onto other systems.

It's very straightforward. The automation that they have and the way that they let you assign applications to groups or to users and do things dynamically, it is very straightforward other than just that there's a lot of nuance because of the breadth of applications out there that they can work with. It's more a matter of knowing how to work with the security mechanisms in place, such as SAML or OAuth, these may require specific expertise.

As far as our security team is concerned, the ease of implementing multifactor authentication is definitely the biggest value for our organization. Additionally, the single sign-on services provided by Okta allow users to log in to their Okta account and access a variety of other applications. That's why we implemented Connect to leverage this feature more efficiently across MacOS.

There are areas for improvement. One thing that seems odd to me is the lack of a built-in way to export all user data. They have a solution available on GitHub that they basically endorse, and it's developed internally, but for some reason, it's not integrated into their product. So, that's a peculiar aspect.

Instead, the support says they don't offer it but provide an alternative solution that we have to manage separately. So, it's a situation where they don't want to include it in their product, but they offer assistance outside of it? It's unclear what kind of support you would need for it. It just works.

Another area of improvement is scalability.

I have been working with Okta for two and a half years.

Okta is pretty stable. Occasionally, we encounter notifications indicating some issues, but that has happened only once or twice in the two years I've been using it.

There have been situations where our own users were temporarily affected by disruptions in the cloud, but those incidents lasted only for a couple of hours. Taking into account a 99.9% uptime SOA.

I would rate its scalability seven out of ten. There are definitely challenges we encounter, not related to the number of users but rather in terms of implementing various applications. Each application we work with can be completely different, resulting in highly variable implementation processes.

It ultimately depends on the specific use cases you have and the tools you utilize. It's important to find the best solution tailored to your needs.

We have around 500 users utilizing Okta Customer Identity.

The initial setup is fairly easy. I would estimate it to be at least an eight in terms of ease of setup.

The actual setup and configuration can be done in half a day or less. However, the main challenge lies in communicating with users and getting them to adopt and use it, rather than the technical setup itself.

It's more about informing everyone about the new requirement, that instead of logging in to each application separately, they can now log in to the Identity Provider (IDP) and utilize its Single Sign-On (SSO) capabilities to simplify the login process for all applications.

Okta's pricing is right where it needs to be and right in the middle of the market. You can pay them extra for services for assistance in implementing certain applications. You can hire one of their engineers to work with you and ensure successful implementation.

And that's something worth considering because they have expertise in their product and can get the job done more efficiently. It's worth paying for their services to ensure the solution is implemented successfully rather than struggling internally and failing to get it done.

Overall, I would rate Okta a nine out of ten because there is always room for improvement. However, it is best in class as far as doing the things it does. And it's something that I've implemented with multiple businesses.

And it's really well-regarded. Yes. There are alternatives out there. Like, they all do somewhat different in each thing, whereas Okta seems to really be trying to cover all the bases as far as providing solutions that integrate with people's OSBAP, people's active directory, companies that wanna get serverless, touching on, the zero test network security that they're really kind of playing in the center of that zone.

Okta Workforce Identity stores all your applications in a portal. It saves passwords, eliminating the need to remember them. In addition, we use 1Password as a backup in case someone forgets their password.

In my organization, people thank me for integrating the product. Integrating applications with the solution makes it simple to access various applications. You can easily navigate through a list of 50 applications, click the one you need, and log in.

I like the tool's workflows, which is user-friendly. It can integrate with different applications. I particularly like that users are delighted to access their applications without the hassle of entering their username and password each time. It truly enhances user-friendliness.

I would appreciate it if Okta Workforce Identity becomes more user-friendly. Its API technology is complicated. Certain applications may pose challenges in terms of integration, especially when they require IDP technologies that aren't easily codable. While I can't provide specific examples, some applications may not integrate with Okta Workforce Identity. 

I have been working with the product for eight years. 

The product works at times, and sometimes it doesn't. You will have to change the conditions when it doesn't work. 

Okta Workforce Identity is scalable. My company has 650 users for it. 

The tool's tech support is hard to get a hold of. Also, you would speak to a robot who knows a lot of information, doesn't listen to your questions, and misguides you. 

Neutral

I have worked with Microsoft Azure, Slack, Teams, and Adobe Creative Suite. Microsoft Azure and Okta Workforce Identity allow applications to be implemented similarly. The process involves having an extension for the application, often a download file. However, it's important to note that while this implementation works on PCs, it might work on Macs.

The tool's deployment is straightforward. You begin implementing applications once you've established your IDP. Deployment doesn't need a team of people. It can be done with the help of one person. Setting it up and integrating applications typically takes about a week, with additional time required for a more extensive list of applications, ranging from 50-100.

The product is not difficult to maintain once you have integrated it. 

I would rate the product an eight out of ten. My advice would be to exercise caution when implementing applications. Incorrect configurations may lead to issues, such as not having the correct username and password saved when clicking on the title. Additionally, when working with workflows, paying attention to the order of conditions is crucial. The tool is user-friendly, and you can have your applications in one place. This makes it less confusing for the users. 

Customers' workforce often operates within multiple scenarios and setups. For instance, some customers may use Microsoft Active Directory. For example, out of 5,000 employees, only 2,000 might be integrated into AD, while the rest could have access managed directly within specific applications by their respective owners. Users are burdened with managing multiple usernames and passwords, needing to input both separately whenever accessing an application. Moreover, there's a lack of visibility regarding which users possess privileged access, and whenever users change roles, it becomes challenging for customers to update access across various application layers due to the absence of centralised control. To address these issues, Okta Workforce Identity offers a solution. By consolidating identity and access management into a centralised repository, it streamlines access control, providing users with appropriate access levels based on their profiles. This centralised approach simplifies management for customers, enhancing security and efficiency.

Okta controls all the users. It has context-based access from the user and type of device. It identifies the risk and can do a step of authentication when that user is trying to access some sensitive application from an unknown device.

Okta offers single sign-on for those who prefer Microsoft or a single sign-on solution. They have integrated multiple applications with Azure. It still follows the old practice of creating usernames and passwords within the application for some legacy applications. We aim to address this issue by presenting an alternative. Instead of managing multiple username and password combinations. Azure can also integrate with IBM solutions. This creates a unified point of access once they adopt solutions like IBM's within their organisation.

If Okta Workforce Identity has a strong integration with other OEM solutions and can leverage intelligence from those OEMs to enable automatic restricted access for users, it would be highly appreciated. For instance, if it can integrate with DLP and EDR solutions, and if the DLP detects suspicious user activities, it should automatically restrict access to sensitive applications or prompt for multi factor authentication.

I have been using Okta Workforce Identity as an integrator.

The product is stable.

It is highly scalable. More than 2,000 users are using this solution. It is being used by some customers for their end customers, such as online e-commerce portals.

We work with all types of clients, but this particular solution is tailored for mid-scale enterprise customers. They should have at least 5,000 users and several hundred applications for this solution to be effective. The environment and the persona should be at a mature stage. In some organisations, there will be an IT manager, senior IT manager, and head of IT, who will be responsible for both infrastructure and security.

Whenever we need information, we receive the required support from Okta. So, if I need clarification regarding integration, communication, or any related matters, I can get support from the local IT team.

Positive

The initial setup requires the expertise of the professional services team.

Okta Workforce Identity is expensive due to currency differences, particularly between INR and USD.

I rate the product’s pricing a seven to eight out of ten, where one is cheap and ten is expensive.

MFA must be implemented to access critical applications. Cost management is essential, as it's impractical to cover payments for all users across all applications. Therefore, a risk-based approach is necessary, where MFA is implemented selectively based on requirements from the same vendor or platform. This facilitates easier deployment, management, and provides a single dashboard view for identifying and managing risks effectively. It also enables the identification of the riskiest users within the organisation.

Overall, I rate the solution an eight out of ten.

We use the solution for authentication purposes to access our applications.

The solution has improved our employee onboarding process. The tool has two layers. If something is compromised, there is another layer of protection for our enterprise application.

Single sign-on is a valuable feature. We can log in to Microsoft and Google applications. The additional layer of protection and the multi-factor authentication process helps secure our on-prem solutions. The layer before the production will be exposed to the internet. Our IT operations have improved a lot. The operation has become more automated and augmented. We face no challenges in integrating the product with our legacy systems.

The product is expensive compared to other tools.

I have been using the solution for more than one year.

I rate the tool’s stability a nine out of ten. The stability is great. The tool is robust.

The tool is highly scalable. I rate the scalability a ten out of ten. We have more than 500 users. The product is used every day.

We have a team to raise tickets to the support team if we face any issues. The process is pretty straightforward.

Positive

The initial setup is pretty straightforward. I rate the ease of setup eight to nine out of ten. The deployment took two to three weeks. One person is enough to operate and maintain the solution.

Small and medium businesses cannot afford the tool. There are no additional costs associated with the tool. The vendor must reduce the price over time.

We used Microsoft Active Directory before. We evaluated Ping Identity, too.

We do not use the tool for remote access management. I will recommend the product to others. Overall, I rate the solution a nine out of ten.

I use Okta Workforce Identity in my company since it supports single sign-on (SSO).

Okta Workforce Identity is good for helping control all applications in one console.

The most valuable feature of the solution stems from the fact that one can create a lot of workflows with the product while also being able to add Jamf software. One can also add a lot of applications with Okta Workforce Identity so that employees can use and access them from a single console. During employees' onboarding or offboarding processes, it is very easy to activate and deactivate their access.

The only area of concern in the solution stems from the fact that my company needs some help regarding the setup phase from a partner.

I have been using Okta Workforce Identity for five years. My company is a customer of Okta.

It is a very stable solution.

It is a scalable solution.

Around 1,000 people in my company use Okta Workforce Identity. Whatever accesses we provide in our company are provided through Okta.

Whenever my company has raised a ticket with Okta's support team, we always receive immediate support. I rate the technical support a ten out of ten.

Positive

For the initial setup phase of Okta Workforce Identity, you need a person from Okta to help you. In general, you may require Okta's partner's help with the initial setup phase.

Price-wise, Okta Workforce Identity is a cheap solution. The overall cost depends on the license since you can negotiate with Okta or any of Okta's partners only if you opt for many licenses.

I have not seen any disadvantages in Okta Workforce Identity. From whatever I have seen and experienced, I can say that Okta Workforce Identity is a good tool.

If you have more than 500 or 1,000 employees in your company with limited IT personnel, then you can use Okta Workforce Identity since it allows you to give access to your employees with just one console. If any employees decide to leave the organization, then it is very easy to deactivate or remove their access from your network. Okta Workforce Identity helps save bandwidth and time.

Once you get the console, it is very easy to access or add applications, reset the password for users, and reset the authenticator. If you have access to KT or knowledge transfer, it is very easy to understand Okta Workforce Identity.

I rate the overall solution a ten out of ten.

Okta provides island access management solutions, which means that anyone who needs an IIM solution can get it through Okta. For example, if you have 30-40 applications and users that need to log in to all of them, Okta can integrate all of the applications into a single point of access where users can log in once and use the same session for all of their applications. Okta also provides multi-factor authentication and other security policies to protect your users and applications.

We have multiple SSO protocols that we use for our different data centers. This is just one example of how we use Okta workforce identity to address our hybrid workforce needs. Apart from SSO, we also have Active Directory integrations that allow us to integrate with customer active directories and use active directory passwords for application sign-in and runtime authentication. This is called daily header authentication. This allows us to provide a centralized identity management platform for our users, regardless of where they are located or what applications they need to access. We can automate the process of adding users to Okta if they are activated in Active Directory, or if they are added to the database of applications or Active Directory in the last couple of days.

Currently, it has two-factor authentication. In addition to biometrics, it should offer three-factor authentication. Also, the training is too costly. Okta could reduce the training cost to make it easier.

I have been using Okta Workforce Identity as a service provider for four years.

I rate the solution’s stability a ten out of ten.

The solution’s scalability is huge. It has 99.9% service availability. We cater this solution to enterprises. I rate the solution’s scalability a ten out of ten.

The initial setup is easy. Once you understand the steps, it's straightforward. There are three steps: enrolling users, removing tenants, and updating field metadata from outside the application and SaaS integration. Deployment depends on the number of occasions, testing, and the users. If you have 30,000 users, you will need two months. I rate the initial setup a ten out of ten.

The solution is suitable for everyone, but it is locked up for a total number of years. Overall, I rate the solution a ten out of ten.