Okta Platform Reviews

We use it for API authentication, on-premises clusters as well as cluster access, and cloud cluster access.

We did not have a unified mechanism for accessing resources or a secure way of accessing resources, and Okta solved that problem for us.

One of the features that I have found to be very valuable is its interoperability and compatibility with all types of resources, whether it's networking, infrastructure, or applications. That is, it is compatible as well as interoperable, as far as the federated authentication is concerned.

It's not compatible with on-premises installations, unless you host it as a SaaS. We were not able to do that. For example, imagine a scenario where the cloud is not available. Then, Okta will not work for you. That use case will readily fail because it doesn't have an on-premises installation that you can use to authenticate or provide identity and access management. If you have a purely on-premises solution that is not connected to the internet, then this will not work. This is one area that can be improved.

I would also like to see more intelligent analysis of the identity and access management from Okta.

We have been using it for the last seven years.

It is fairly stable. However, because it's a SaaS solution, it needs to have connectivity. If the connectivity is down, then Okta Workforce Identity will be down as well.

This is one of the pluses that Okta has. It's easily scalable, both horizontally and vertically.

Right now, we have about 3,500 users.

There was one minor hiccup with technical support, but other than that, the support has been pretty good. I would give them a nine out of ten.

Positive

We used ForgeRock, and we switched to Okta mainly because of the flexibility that Okta provides.

ForgeRock requires on-premises maintenance. Because most of our applications are now on the cloud, Okta is more user-friendly in that sense.

A couple of years ago, it was 70/30, 70 being on-premises. That's why ForgeRock was the choice. However, it's flipped now to 30/70, and Okta is more useful.

We still use ForgeRock because you can do an on-premises hosting for ForgeRock. Okta doesn't have that capability.

The initial setup is very straightforward; it's a very simple setup. There are some areas for which you need some skills. If you have an SOP, you can just follow it. I would give it a four out of five.

We have three people assigned to the solution for deployment and maintenance.

We deployed it using an in-house team. The initial setup did not take much time; it took about one to three weeks.

Okta has fairly competitive pricing.

We evaluated some native cloud services, like AWS and Azure before choosing Okta Workforce Identity. 

We also looked at IBM ISAM, IBM Security Access Management, and Oracle ISAM, but they're very rigid products. That's why we went for Okta. They don't have any flexibility, and the cost was also very high compared to that for Okta.

If your use case is multi-cloud data centers and hybrid cloud architecture, Okta is a solution to go to. It's fairly easy to implement as well. It has federated identity and access management, and it works very well with any type of identification authentication. However, if you have on-premises data centers where there are connectivity problems, then it would be better to avoid Okta.

I would rate Okta Workforce Identity at eight on a scale from one to ten because I've found it easy to implement and easy to learn. That is, the onboarding or the learning curve is less. It also has federated identity and access management mechanisms, where you can apply the various resources and workloads that you have. Also, it has very good interoperability and compatibility. It can easily scale too.

I am using Okta Workforce Identity for identity access management.

Okta Workforce Identity has helped improve our organization by providing customer identity management, customer onboarding, customer identity stores, workforce provisioning. Additionally, single sign-on is one of the primary functions that has been a benefit.

Okta Workforce Identity could improve provisioning it can be made simpler.

They are implementing in one of the newer releases certification, attestation, and some role-mining abilities, but I don't know how far along that's going to be. That's a statement that they said they are going to have in the future.

I have been using Okta Workforce Identity for approximately three years.

Okta Workforce Identity is scalable.

The scalability of Okta Workforce Identity is great. It's a SaaS solution the scalability is one of the built-in expectations with it. It can scale, even though I don't scale it personally with any of the companies I worked with, it can potentially scale to support millions. It's easily scalable.

I rate the support from Okta Workforce Identity a four out of five.

I have previously used Oracle Access Management, Microsoft Azure Active Directory, and ADFS. Those would be the major ones. I've been introduced to small ones, such as PingFederate, but I never used those heavily.

We switched solutions because of the architectural design. We chose Okta Workforce Identity for external customers, it's a customer identity platform that we decided to go with.

The initial setup of Okta Workforce Identity is straightforward. I was able to get an environment ready within half a day.

I rate the initial setup experience of Okta Workforce Identity a four out of five. 

I have used an integrator and have done the implementation myself for Okta Workforce Identity.

Okta Workforce Identity scales up by the user, and then by the service that you're purchasing.

The solution is not the cheapest but not the most expensive. They are in the middle rating.

I rate the price of Okta Workforce Identity a three out of five.

I rate Okta Workforce Identity an eight out of ten.

The basic idea behind the Customer Identity product is to put in multifactor authentication for clients to make sure that people are properly managed.

It is normally used by people involved with marketing technology.

What it's done for our clients is it's reduced the number of staff they need in order to manage their campus and their partner community services. For example, users can automatically reset their own passwords if they need to, and they've got multifactor authentication so they can easily access the service and they're properly identified.

Using this product helps with the relationship between users and their account managers as well, because account managers can be sure that people are getting access to the services they need.

We are not using all of the features. We primarily use it to manage the community onboarding and offboarding of users, and it's quite a simple solution for that.

The initial setup could be easier to do.

We implemented Okta Customer Identity approximately two years ago.

This is a very scalable solution. We currently have 150,000 users.

The technical support is very helpful. They provide you with a customer success manager and they've got access to all of the resources needed to solve problems.

We do most of our own support but when we need help, we can easily get access to someone.

The initial setup is difficult because you're setting it up with your own portal. This means that you've got to have the code in the portal to do the integration, which is what makes it a little bit more difficult. That said, there is a lot of good guidance available online.

By comparison, Okta Workforce Identity doesn't require any technical skills whatsoever, but if you're a developer, then you will be developing your own code.

It is probably best to use a third party to help with the deployment. You can do it yourself but it's a steep learning curve.

This product is quite cheap on a per-user basis. We pay 23 pence (approximately $0.30 USD) per user, annually, for 150,000 users.

My advice for anybody who is implementing this solution is to make sure that it is properly prepared, as a project. Good preparation is needed so do your homework.

I would rate this solution a nine out of ten.

We've been using this solution for SSO and consolidation of IDs.

This solution brought us the SSO perspective, and this is the main reason we're using it.

The only thing I like about Okta Workforce Identity compared to other solutions in the market is that it's an easy resource that you can get, even if you're working with many users, but there is a lot to learn about it.

There are many things that Okta has to improve on. I understand that Okta has a lot of apps, like any other provider, e.g. Microsoft apps, IDP apps, or cloud identity apps.

The problem with Okta is that they create the app and they never update. In this fast-paced industry where versions keep getting updated, Okta is really slow at times.

None of the Okta applications that they create, for example, in my case: I have used the cloud identity of Microsoft apps and now I'm using the off tabs. What I found is none of the single Okta apps that we have worked and did not create an issue. They are not fully mature. So it's that aspect that can be improved, which Okta is investigating. Their application support and not having updates for those applications also need to be improved. These are the things that surprised me and I was not able to understand from Okta.

Okta's customer support should be improved.

Okta should work with certain providers, e.g. the Google cloud, the AWS cloud, the Microsoft cloud, and they should evaluate the integration point because what happens is if your organization has SSO which relies on Okta, all of these three clouds and the Okta app are far from perfect. You are not able to get the right setup based on how your security is trying to define it vs what the application can support. You'll end up using the default interface Okta provides with those apps.

I understand Okta could say that if they shouldn't worry about it because if AWS wanted to support Okta, then AWS should be the one providing us the app and support, but Okta should try to understand the users, do surveys from the different automation using Okta, and use different apps because those apps are very critical. They are far from perfect, so Okta has the worst implementation.

I've used this solution in the last 12 months. We've been using it for six years.

This solution is stable and reliable. We didn't find the solution itself hard to use.

The scalability of this solution is bad. Scalability has two or three different meanings to it.

Is it scalable from the infrastructure side of it? The answer is yes.

Is this scalable from the business perspective? The answer is no. For example, the B2B and the B2C solutions that others provide, those aspects in Okta are completely lacking.

For example, if I have the Microsoft Azure Active Directory, I have the B2C, B2B, and the phase rate, so I have a way to not only support my enterprise but my end customers in a very fast manner. In the case of Okta, that whole path is a nightmare to work with.

I didn't like Okta's support. They say they have very good support, but the moment you create a ticket, they will tell you that they provide the app, but they cannot provide support because we connected the app to another environment, or to another side of the spectrum. This seemed very odd to me.

First, we are using the application you specified, then you say you cannot support this application just because the value provided is outside of this application, so you cannot troubleshoot or help us to troubleshoot if we open a ticket. Every single time it's a chicken and egg type of situation. From that perspective, Okta's support is horrible.

The setup was straightforward. Nowadays, all the other IDPs are the same way, too. I didn't find a single IDP that had no experience at the level, and all of them can stand up at the same time, within the same time frame.

With Okta, on the other hand, the requirement to have the ID server in between, whether it's the cloud-based ID server specified, or the on-prem base, like ours: It's on-prem, but what I found was that we were not able to do it even after following all the guidance unless we had a dedicated Okta person to help us do it. It was a different situation with Microsoft and cloud IDP which were easy to set up, as we were able to do it ourselves just by following the documentation.

We implemented the solution through an integrator consultant. They are fine. They are doing the job on a daily basis.

This solution is costly.

With Microsoft, you get the exact same information that Okta gives out of the box: free, because that's what Microsoft does, and even if I compare to other cloud IDPs, with Okta, access may offer free access for startups, and if you have fewer users, it's okay. Pricing is decent. The moment you talk about the enterprise level, for example, we were talking about implementing Okta across the US with multiple customers, and the cost they gave us was two million dollars. The cost is not justified for the single assets of this solution, so Okta is bad in those terms.

We've been evaluating Microsoft Azure Active Directory. It's still in the POC phase, and it's been three or four months. We have very particular requirements, e.g. a mix of multiple IDPs with Okta, and Azure Active Directory is one of them, but that is the only one where we don't have the solution. We are trying to do the POCs first to ensure that they are able to meet our needs.

The reports I downloaded were very informative. The things that we were trying to do is generally the One ID and software entitlement. Our customers find them more useful than the Microsoft Azure side of it. They know that the functionality exists and they are able to use that functionality, but the intuitive nature of managing the entitlement was not there. We also had a requirement where we wanted to mix the Okta in between, for the SSO, so I was trying to collect as much information as I can get and that information was helpful.

Whenever you search for the Okta documentation, for example, if we search for cloud IDP and Microsoft-related documentation, it's only on Microsoft's site we get the help we need, including help from the community. Okta's community, when you Google it, is lacking because it only contains help or information about Okta products because Okta users are only able to use the product in a standard way.

This surprised me especially because Okta has such a good name, but the bottom line is, if you ask me as a decision-maker or the one who influences decisions in our organization, if I was going to choose Okta as our SSO provider, my answer will be flat NO.

The initial implementation of this solution took three months. It's a very simple and standard implementation, so that's never been a problem.

A hundred users are currently using this solution in our organization. It doesn't require heavy maintenance.

Working with Okta can be restrictive, and this is where Okta doesn't shine.

This solution is being used extensively in our organization. Increasing its usage will depend on whether they are able to convince the Infotech folks, and that's what's happening.

The advice I would give to others looking into implementing this solution is for them to first try to understand it. They should not confine themselves to selecting Okta, thinking that it's the end solution. They should look at their future needs too because once they implement Okta without considering their future needs, they will have to do a lot of hacks and tricks. Before they even delve into Okta, they have to first think about their future and how much this solution will cost in the long run.

This solution meets the need, but that's all, so I'm rating it a six out of ten.

Okta has recently built Okta Identity Engine (OIE). It has a lot more capabilities than the classic engines. The certificate-based system is one thing, and third-party tools like Intune and Jamf for iOS devices. There is a trust relationship between these device management tools, and that contributes to control over the end-user devices.

Scalacity was a company acquired by Okta, and its technology was integrated into Okta's Advanced Server Access (ASA) product.

Okta has introduced the Universal Directory. It has custom attribute capability and user permissions to read/write on their profiles or hide them. Profile sources and identity profile sourcing are two different components that I haven't seen in other products.

Okta can import many attributes into the Okta profile and send attributes from the engines. Multiple sources of truths and profile inheritance are done in granular ways. This plays a major role in ABACs going forward.

Okta's MFA features are good. Okta is looking forward with more on the push or less, relying on the Okta Verify factors. It also has extensive capabilities. It's adopting a layer-by-layer upgrade in developing the policies, like MFAs.

Okta has more when it comes to the policy level. It has distinctive features where you can do a mix and combination to have users access applications for various business cases. That's something unique and a selling feature.

Okta has a limitation with directory integrations. If you have multiple Active Directory integrations, the user distinguished name (DN) and the manager DN don't get imported properly into the Okta user profile. It has a property of Get AD user's property, but that has limitations when writing an expression language to import changes or updates to user DNs or manager DNs from AD, especially if you have AD master users.

Also, Okta doesn't have a partial push. It pushes down the full profile schema for lifecycle management or provisioning. Even if only one attribute gets updated, even though it is unmapped, it can override other values in the downstream application by nullifying the query. That's the biggest flaw in my experience.

The product releases a lot of brand-new features within the quarterly releases.

It's definitely the leading Identity Access Management cloud platform. I have experience with Okta for almost six to eight years now.

I've been an Okta-certified consultant since last year. I got an opportunity to work on the workforce as well as the customer side.

I have experience with more than eight Okta tenants parallelly due to various business cases across my career. Ultimately, this product itself is a pioneer in Identity Access Management.

Scalability works very well. I've worked so far with Okta. It's like the heartbeat of that company. If Okta goes down, people are unable to authenticate anywhere. They can't get into applications. So there's a lot of dependency on Okta within the businesses and environments that I've seen so far. It's very critical.

The customer service and support are awesome. They have a CSM assigned for each organization, and they are pretty much responsive to any events that occur. Or if there are any escalations or incidents that impact the business, they're pretty much around in a timely fashion to support the organization.

We have the flexibility with our CSMs to reach them in any manner, email or phone, and they're available most of the time.

Positive

We have long relationships with other vendors for things like Identity Governance and Privileged Access Management. But one thing I've noticed is that Okta has been expanding into wider ranges. 

But, there are limits and restrictions to the existing features, which are not fully developed yet. Okta have added a lot of tech in the last couple of years.

I'm not a hundred percent sure about the return of interest because it is very much dependent on the size of the organization.

I came from smaller organizations working, like, midscale to, like, large scale. So overall, like, the security breach, like, there are, like, two to three security breaches that have happened, but nothing has been damaged so far for the organization.

So, investing more in Identity access management is a critical investment for any operation as applications are moving to like cloud and SaaS-based. So, there is a dire need to protect the digital identities of enterprise tech employees as well as their customers.

There are a lot of features you can automate. Okta Workflows is a key feature that has a separate pricing than adaptive MFA or SSO. It's a combination, but Okta has features and capabilities to reduce the IT burden. Within my experience, it's been helpful so far with a lot of overhead work that comes with onboarding and offboarding.

The pricing itself is a bit more expensive than the other products in the market so far. Since I know the product is in full demand. But, again, the price texture, features, and everything suits well for small to medium.

But, for larger organizations, it's more expensive than the other platforms. But, usually, licensing is a bit expensive.

I definitely recommend Okta. It has all the features you can utilize to protect any organization's digital entities. Considering a lot of other factors, like cost and the overall features the company wants to use. If you want to use Identity Governance, Identity Access Management, or Privileged Access Management, that's a different story. It's also a different story if you're using other products for different needs.

Overall, I would rate the solution an eight out of ten. 

It's mostly used for customer-facing applications (Customer Identity Management). API management and self-service flows are the most utilized capabilities. It offers a lot of customization in terms of branding, email notifications, and creating a good end-user experience.

For remote access, we have solutions proposed, like Okta Identity Engine (OIE). It has more capabilities than the classic engines. The certificate-based system is one thing, and third-party tools like Intune and Jamf for iOS devices. There is a trust relationship between these device management tools, and that contributes to control over the end-user devices.

Okta has introduced the Universal Directory. It has custom attribute capability and user permissions to read/write on their profiles or hide them. Profile sources and identity profile sourcing are two different components that I haven't seen in other products. 

Okta can import many attributes into the Okta profile and send attributes from the engines. Multiple sources of truths and profile inheritance are done in granular ways. This plays a major role in ABACs going forward.

Okta's MFA features are good. Okta is looking forward with more on the push or less, relying on the Okta Verify factors. But it also has extensive capabilities for Ubiquiti. It's adopting a layer-by-layer upgrade in developing the policies, like MFAs. 

Okta has more when it comes to the policy level. It has distinctive features where you can do a mix and combination to have users access applications for various business cases. That's something unique and a selling feature.

For security protocols we use most security protocols, such as OIDC and SAML.

Okta has a limitation with directory integrations. If you have multiple Active Directory integrations, the user distinguished name (DN) and the manager DN don't get imported properly into the Okta user profile. It has a property of Get AD user's property, but that has limitations when writing an expression language to import changes or updates to user DNs or manager DNs from AD, especially if you have AD master users.

Also, Okta doesn't have a partial push. It pushes down the full profile schema for lifecycle management or provisioning. Even if only one attribute gets updated, even though it is unmapped, it can override other values in the downstream application by nullifying the query. That's the biggest flaw in my experience.

The product releases a lot of brand-new features within the quarterly releases. There's a feature roadmap for Okta CIM, and most of it is coming in with a lot of users or the customer side.  

It's definitely the leading Identity Access Management cloud platform. I have experience with Okta for almost six to eight years now. 

I've been an Okta-certified consultant since last year. I got an opportunity to work on the workforce as well as the customer side. 

I have experience with more than eight Okta tenants parallelly due to various business cases across my career. Ultimately, this product itself is a pioneer in Identity Access Management.

It's pretty much stable most of the time, but I have come across a lot more outages recently within Okta. 

 But, Okta is definitely a very good product.

Scalability works very well. I've worked so far with Okta. It's like the heartbeat of that company. If Okta goes down, people are unable to authenticate anywhere. They can't get into applications. So there's a lot of dependency on Okta within the businesses and environments that I've seen so far. It's very critical.

The customer service and support are awesome. They have a CSM assigned for each organization, and they are pretty much responsive to any events that occur. Or if there are any escalations or incidents that impact the business, they're pretty much around in a timely fashion to support the organization. 

We have the flexibility with our CSMs to reach them in any manner, email or phone, and they're available most of the time. Very good.

Positive

We have long relationships with other vendors for things like Identity Governance and Privileged Access Management. But one thing I've noticed is that Okta has been expanding into wider ranges. However, there are limits and restrictions to the existing features, which are not fully developed yet. I think they've added a lot of tech in the last couple of years.

It's always smooth and straightforward to set up, but we can definitely have a bit of complex solutions.

I'm not a hundred percent sure about the return of interest because it is very much dependent on the size of the organization.

I came from smaller organizations working, like, midscale to, like, large scale. So overall, like, the security breach, like, there are, like, two to three security reasons that have happened, but nothing has been, like, damage so far for the organization. 

So, investing more in Identity access management is a critical investment for any operation as applications are moving to like cloud and SaaS-based. So there is, like, a dire need to protect the digital identities of enterprise tech employees as well as their customers. 

There are a lot of features you can automate. Okta Workflows is a key feature that has a separate pricing than adaptive MFA or SSO. It's a combination, but Okta has features and capabilities to reduce the IT burden. Within my experience, it's been helpful so far with a lot of overhead work that comes with onboarding, offboarding.

The pricing model for the Customer Identity product is based on Monthly Unique Users (MUI).

The pricing itself is a bit more expensive than the other products in the market so far. Since I know the product is in full demand. But, again, the price texture, features, and everything suits well for small to medium, for sure. 

But, for larger organizations, it's more expensive than the other platforms. But, usually, licensing is a bit expensive.

I definitely recommend Okta.

Every organization needs workforce productivity as well as customer security. The need is definitely there for any enterprise or organization to protect their identity. Customer security also plays the utmost role in protecting customer data.

Overall, I would rate the solution an eight out of ten. 

We have been using this tool for access management. Our client has connected their app's security with Okta Workforce Identity. We have used LinkedIn's libraries to integrate it with various apps, including Oracle and others.

Workforce Identity offers a comprehensive access management solution with multi-factor authentication, total control, and features like app access management, identity governance, and administration tools such as certification and access request management. These are typically found in identity management solutions, but Okta integrates them seamlessly into its user interface.      

They should focus on providing top-notch team access management to companies.

I have been working with Okta Workforce Identity for the past 10 months.

It has proven to be stable in the time I've used it. If there are any challenges, their support team has been responsive and helpful. Overall, my experience with them has been positive.

It's scalable, but we need to coordinate with Okta's support team or our account manager if we want to increase our workload. Since it's a complete SaaS solution, they can make the necessary adjustments accordingly.

As premium customers, we have the opportunity to schedule calls directly with Okta's expert team members for discussions and support. It's a valuable perk of being a premium user.

Positive

I haven't personally handled the deployment, but I've worked on configuring the printer, which wasn't too complex. As for deployment time and manpower, it's a bit different since Okta Workforce Identity is a cloud-based platform. We don't need dedicated servers as Okta manages integration. We work on our own tenants, and Okta provides preview environments for testing new features. As for maintenance, it's not too difficult, especially for premium customers who can raise support tickets if needed.

I received good support for addressing some bugs, although there were delays in fixing them due to the product backlog and prioritization process at Okta. The resolution time depended on how they prioritized issues, which sometimes caused delays. Overall, I would rate it 7 out of 10.  

We use Okta Customer Identity mostly for SSO (Single Sign-On), and we also use it for user and application management, in particular, for SaaS applications.

Okta Customer Identity improved the company when we used it for user identity management because we were able to manage our user provisioning and de-provisioning through the solution very efficiently.

If users are joining the organization or if they're in the onboarding phase, we can take care of the applications and all other requirements through Okta Customer Identity.

When users are leaving the organization or when they're in the off-boarding phase, we use the de-provisioning feature in Okta Customer Identity for those users.

We're very happy with the solution and its features.

The most valuable feature of Okta Customer Identity is its SSO because it's very easy to use and it's user-friendly. Even the admin portal of the solution is very user-friendly, and you can walk through it with ease.

Okta Customer Identity is not a complicated solution, and even the workflow automation feature is very, very easy to understand.

What I'd like to see improved in Okta Customer Identity is the process of exporting users. Currently, it lacks this feature, and you have to use a third-party tool to export users from the group. Exporting users should be very easy, though I did notice that Okta Customer Identity is being upgraded from time to time, and I've been seeing much improvement in it compared to the previous years.

I've been using Okta Customer Identity for three years now.

Okta Customer Identity is a stable solution.

Okta Customer Identity is a scalable solution.

Okta Customer Identity has good technical support, and on a scale of one to five, I'm rating support a four.

I would rate the initial setup for Okta Customer Identity as four out of five. Deploying it was very easy.

We deployed Okta Customer Identity with the help of a third party. We deployed the solution and received help from their support team, which was very supportive during deployment. We were able to deploy the whole environment in a very, very easy manner. We just opened a ticket then the Okta support team helped us in setting up the solution.

I have no information on Okta Customer Identity ROI.

I'm unfamiliar with the licensing costs of Okta Customer Identity.

I evaluated Microsoft Azure AD.

I'm using the latest version of Okta Customer Identity.

My company has a partnership with Okta Customer Identity.

Two thousand people use Okta Customer Identity within the company, mostly engineers. Three people take care of the deployment and maintenance of the solution: one junior engineer, one system engineer, and one architect.

There's a plan to increase the number of users of Okta Customer Identity in the future.

My advice to people looking into implementing the solution is to go ahead and implement it. Okta Customer Identity is a very good technology to work with, with a very knowledgeable support team. You'll get instant support, and the team is very supportive.

My rating for Okta Customer Identity is eight out of ten. I'm not scoring it a ten because of some gaps. It's fine for me right now, but in the future, I would like to see improvements in the solution.