As part of Identity and Access Management solutions, or IAM, that many organizations use, Okta Platform is a mature cloud-first IAM platform that uses many single sign-on methods. This is one use case for applications, along with MFA and federation across SaaS and custom applications.

Okta Platform helps to secure access to cloud environments, APIs, containerized workloads, and AI/GenAI services in my architecture by allowing me to create the application in Okta Platform and assign it to the right users and groups, then start configuring the authentication. The first step is multi-factor authentication, which helps secure that only the approved users and groups are allowed to use that application, whether it's an AI application or an on-premise organization application. Another important measure to avoid attackers from gaining users' credentials, such as passwords, involves single sign-on. Additionally, Okta Platform has an adaptive access policy, meaning the user, or employee in this case, does not need to remember the password. Once the administrator configures SSO, the user does not need to go through password authentication; if they are authenticated using MFA, it works directly.

The use of Okta Platform to protect non-human identities in my environment, such as service accounts, machine-to-machine access, or AI agents, is limited since in the organization I work for at Deloitte, we use Microsoft for that. Okta Platform is a great IAM solution, but it is not an IGA solution, short for Identity Governance. The first thing an organization needs to look at is to understand their use case: do they need IAM or IGA or do they only need IAM? Because if it's only IAM, Okta Platform is good, but if they also need IGA to govern non-human identities and others, it is not a solution for that.

Okta Platform helps to address specific industry or regulatory requirements such as healthcare and financial services in my cloud environment. For instance, it benefits the banking industry and the e-commerce industry as well. However, it is available for many industries because it's a very mature and cloud-first IAM platform, making it perfect for companies or startups that are just starting out; they don't need to go through on-premise setups.

What I like about Okta Platform includes its large, pre-built application integration catalog, which is very useful. It also has strong support for the SAML standard and OpenID, commonly referred to as OIDC. Additionally, it offers good API and extensibility for custom use cases and works well in hybrid and multi-cloud environments.

The main benefits that Okta Platform brings to the table include strong authentication, which is the first thing, and adaptive MFA, which is very good. For example, if someone tries to log in from a country that is different from the countries they typically sign into, then Okta Platform will ask them to perform another authentication to verify that it is, in fact, the same user. Strong authentication is crucial, along with federation that I used for both cloud and on-premise systems. Federation worked very well, and it facilitates fast SaaS onboarding, with application templates in Okta Platform which make the whole configuration easier. Coming from a Microsoft background, I appreciate how Okta Platform is vendor-agnostic, meaning you do not need to depend on anything; it can work with any identity or identity governance vendor.

I noticed measurable security and operational improvements in my cloud-based workloads since implementing Okta Platform. It is very stable; we didn't have many errors when it came to users trying to log in, which is the first thing. Federation also worked, and that's one use case I can say I used it for. I had a client that was an organization with over 5,000 employees, and they wanted the authentication to go for Microsoft, but through Okta Platform. In reality, what happens is the user tries to log into an Okta Platform application and then gets redirected to Microsoft. That is federation, which refers to redirecting them to a Microsoft page. Once they complete the right authentication, they are redirected back to Okta Platform, making it a successful use case for a large organization in the insurance industry.

While there are many good things about Okta Platform, I would like to see improvements, especially in the IGA capabilities, which are limited compared to more dedicated IGA tools. I believe adding this would give them a real benefit. Additionally, it is not designed as a privileged access management solution, referred to as PAM. As I come from a Microsoft background, I see that Microsoft has both IGA and PAM capabilities, which Okta Platform lacks. Another area for improvement is pricing; it becomes complex and expensive when you add features. I would like to see licensing transparency, possibly some cost control notifications. Lastly, better policy visualization would be nice to have, showing how the policies configured can be represented more visually.

I have been working with Okta Platform for the past year.

When it comes to scalability, I find that Okta Platform's performance is very good. That's the whole point. As soon as you scale up, it often comes with additional costs, but that worked perfectly for us. We managed to implement it for a large organization with many users, so there was no problem; it was very stable.

I would evaluate customer service and technical support for Okta Platform by noting that we did need assistance once when we blocked ourselves out and had to contact Okta Platform support. It took about two days for them to respond, which I think is reasonable. However, this also depends on the support license that you have. We had the minimum one, but still, two days is acceptable as they helped us resolve the issue.

My experience with the deployment of Okta Platform is that the initial setup is straightforward for standard use cases such as fast SSO and MFA. However, complex environments such as hybrid AD, custom applications, or lifecycle automation require careful design and skilled implementation to avoid the technical debt that's often referenced.

Regarding the pricing of Okta Platform, while it is high and complex, I find it does bring a return on investment. The important thing is for companies to evaluate the total cost and not just the base licensing because once you add more features, the total cost increases. This evaluation varies based on the organization's use case; if it's below around 100,000 users, it should be fine. However, if you plan to go beyond that, evaluating the total cost becomes crucial.

I decided to switch to Okta Platform for different use cases for different organizations, particularly at Deloitte. We noticed that many of these organizations that are very Microsoft-heavy, meaning they have many products with Microsoft, find that Microsoft Entra ID, which is an IAM and IGA solution, fits them perfectly because they are already in that Microsoft ecosystem. However, for organizations that are not heavily involved with Microsoft, then Okta Platform is a great solution because they do not need to be dependent on any vendor. It's cloud-first, and so if you need specific IAM without being tied to Microsoft, I think Okta Platform is the best alternative.

Given my experience with Okta Platform and with other technologies, my advice to other organizations considering it is to clearly define if they want IAM versus IGA requirements as early as possible. Okta Platform is not a full IGA platform, and organizations need to understand that coming in. They should also evaluate the total cost and not just the base licensing. Lastly, if they are Microsoft-heavy organizations, they might consider Microsoft Entra ID, but if they are not deeply tied to Microsoft, then definitely go with Okta Platform. I would rate my overall experience with Okta Platform as an eight out of ten.

Our company is an educational training platform operating as a global online training model. We focus on IT services and training, managing global employees and user accounts while handling the onboarding and offboarding process. We specifically use Okta Platform to manage MFA, SSO, and logins for multiple applications. It is integral to our identity and access management strategy, effectively centralizing our application management. We opted for Okta Platform because we wanted a separate, unique platform solely dedicated to identity management, unlike Microsoft Azure, where additional interconnections like Entra ID and Intune might be required.

Okta Platform offers valuable features such as centralized identity and access management, which allow for a single sign-on process, simplifying user authentication across applications. Its scalable management solutions provide strong multi-factor authentication, integrating easily with various applications using protocols like SAML, OAuth, and OpenID Connect. An intuitive admin interface makes user roles and access policies easy to manage, enhancing overall operational efficiency and security.

Security improvements are notable, with centralized identity control and reduced IT workload through automation. Okta Platform supports onboarding and offboarding employees, improving user experience with fewer logins needed.

Overall security posture with adaptive multi-factor authentication centralizes access control, especially benefiting hybrid and multi-cloud environments. Smooth deployment and scalability eliminate lag, providing seamless and stable operations in managing user accounts and identities.

Okta Platform's pricing model can be expensive for smaller organizations, affecting user feature accessibility. Initial setup and configuration require careful planning and experience from administrators. Cloud-based infrastructure may lead to access issues during downtime or service disruptions. Support response time could be improved, especially for non-premium customers.

Pricing could be more competitive compared to alternatives like Ping Identity, OneLogin, and Microsoft Azure AD. More responsive customer service, enhancements in setup configuration, and support could improve the platform. Prioritizing customer issues in support tickets based on urgency level might enhance response time, helping businesses manage crises more efficiently.

We have been using Okta Platform for almost three and a half years.

Okta Platform is absolutely stable, with no experienced lag. This ensures immediate action upon changes applied within Okta Platform, stabilizing operations in managing user accounts, identities, logins, and user profiles. With functionalities running smoothly, it fulfills stability expectations effectively.

Okta Platform's scalability is robust and performs well. It responds quickly and does not delay processes, yielding timely, appropriate results. There is no lag, allowing the platform to function smoothly. It is secure, providing needed scalability without impacting performance.

While the deployment process was smooth, helped by Okta Platform's support team, more immediate assistance post-deployment is required. Currently, the support response time is too long, adversely affecting business during urgent issues or scenarios. A suggestion is improving the customer support experience by introducing a priority system for issues, allowing urgent cases to be addressed swiftly. Adding features in support ticketing to prioritize urgency could enhance effectiveness.

By offering a system to set varying priority levels on support tickets, urgent issues could receive quicker attention, benefiting business continuity and customer satisfaction.

We considered other identity platforms available in the market and ultimately chose Okta Platform for its unique, standalone identity management capabilities.

Oakta Platform's deployment and initial setup were smooth and straightforward. We were guided effectively by Okta Platform's support team on how to configure it to fit our business needs and tenant setup.

Our team implemented the platform internally without utilizing external consultants, integrators, or resellers, except for support guidance from Okta Platform's support team.

We have a basic business standard license for Okta Platform. If we go beyond that, it is a little pricey compared to other models. Alternatives like Ping Identity, OneLogin, and Microsoft Azure AD offer minimal costs.

Comparisons were made with platforms like Microsoft Azure, which require interconnections, unlike Okta Platform's independent design. Our management team ultimately preferred Okta Platform for its unique identity management focus, taking insights from Okta Platform's demo presentations.

Okta Platform's genuine uniqueness in focusing on identity is appreciable, unlike other tools requiring interconnected services. However, the pricing, initial configuration, and support response need improvements for enhanced customer satisfaction. A customer feedback mechanism to prioritize urgent issues might ensure timelier assistance during crises, maintaining business continuity and satisfaction. I would rate this overall experience as an eight out of ten.

Okta Platform is essentially the gateway for everything we do. We have the Okta app on our phones and computers, and it is the only way we can access any of our interfaces on a day-to-day basis, including work messaging on Slack or any of our apps. We go through Okta FastPass to gain access. Every 60 days, I have to reset that on my phone by logging out of everything, doing Face ID, and verifying my credentials before I can log back in and keep everything secure. Additionally, we have to update our password every 180 days or so. I basically start my day every morning with Okta identification or verification.

Okta Platform helps to secure access to cloud infrastructure, APIs, containerized workloads, and AI generative AI services. It pairs well with some of the AI tools we use. I even have a verification method for ChatGPT and Glean, which is another AI interface. Okta Platform essentially applies to anything I use on a day-to-day basis. I do not get any pop-ups throughout my day, which indicates that it is securing the interface or network I am using or even just the application.

Okta Platform protects our benefits and payments app through Workday, so it definitely protects my benefits, my pay information, and any type of personally identifiable information such as first name, last name, and Social Security number.

Ease of use is what I value most about Okta Platform. It is not difficult to learn or navigate. Once you have a username and password, you can have your computer memorize it. On my phone, I use Face ID so that I am not having to type in my password every single time, but it does make things very secure. If I ever were to leave my laptop anywhere by accident and not be able to recover it that same day, I would be able to trust that it would block anybody from getting access to anything because that is something you have to log into every day. Ease of use and the ability to trust the product are what I value most.

Okta Platform does not recognize when I have already verified myself once on my HubSpot login across multiple tabs. I have to verify myself for every single tab. If there were a way to recognize that I already verified myself on that URL or domain and just give me access to the rest of the tabs instead of having to click one by one, that would be an improvement.

Okta Platform does not recognize when I have already verified myself once on my HubSpot login across multiple tabs. I have to verify myself for every single tab. If there were a way to recognize that I already verified myself on that URL or domain and just give me access to the rest of the tabs instead of having to click one by one, that would be an improvement.

I have been using Okta Platform for at least five years.

Okta Platform does not lag. The only thing that might happen every once in a while is that I will click Okta FastPass, it will spin, I will click submit, and then nothing will happen. I just have to refresh my tab and then do it again. However, that happens pretty infrequently.

Okta Platform definitely supports our whole company, which is not small at all. It is good to know that it can support both smaller and larger teams.

I have not had to contact Okta's technical support or customer support, which is probably a good thing.

I have used Cloudflare in the past. I know it is not really a direct competitor, but that is maybe the only thing else that I would mention.

I did not do the initial deployment, but when I was first brought on, I had to go through the whole setup of everything to tie to my email address and all my information to be a verified user on the account for Okta Platform through HubSpot. It was pretty easy. I had to set it up on my phone, download the app, and scan the QR code. It was pretty simple on both my laptop as well as my phone.

Okta Platform does not protect non-human identities in my environments.

My use cases for Okta Platform involve having a single place for authentication, as my company requires it for all of our applications that we use with our organization, which includes SAML and SSO. It's a critical piece for authentication, and the token generally lasts about eight hours based on our company's configuration, allowing us to sign in once a day and eliminating the need to enter credentials multiple times for different applications. Okta Platform authentication is essential because it minimizes the hassle of signing into multiple applications while maintaining security. Essentially, all my critical apps are secured with Okta Platform, which also provides features like second-factor authentication through cell phone verification or facial recognition. Overall, it's very functional and an integral part of our business processes.

Regarding how Okta Platform helps secure access to cloud infrastructure, APIs, containerized workloads, or AI services in our architecture, I can't provide an authoritative answer on how security is hardened since I wasn't involved in that aspect. However, I know that it provides security. My company has been using it for four years without plans to change because it remains secure, even as we increase our internal applications and expose some to clients.

The workloads secured by Okta Platform are hosted across multiple cloud providers, including AWS, Azure, and some GCP, so it encompasses all of those.

For AWS, we have integrated EC2 instances with Okta Platform, and I'm not sure about other services or buckets related to the things you mentioned, such as Amazon Voice.

I see the benefits of Okta Platform immediately upon deployment, as it saves time. Dealing with multiple authentications without a federated system is time-consuming, requiring different passwords for different applications, which is a hassle. As soon as Okta Platform was implemented, there was an immediate improvement in the ease and speed of secure authentication.

Personally, I have noticed measurable security and operational improvements since implementing Okta Platform, primarily due to the ease of access it provides in a more secure manner while saving time.

What I dislike about Okta Platform is that sometimes there has been some downtime. It doesn't happen often, but ironically, it did occur on a day I knew this call was coming, leading to a brief period when Okta Platform authentication didn't work. We had to rely on third-party IT support to resolve it. When this happens, it stops us from accessing what we need until the issue is fixed.

I have to mention some occasional downtime with Okta Platform. It doesn't occur very often, but when it happens, it's crucial because you can feel stuck without it.

I have been working with Okta Platform for just over four years.

Regarding stability, there hasn't been much to note aside from some occasional downtime, but I appreciate the different options provided by Okta Platform for verification. You can manually enter a password, use push notifications, or facial recognition, which can be more convenient depending on the context, whether mobile or at a desk.

I believe Okta Platform has been scalable. My company has integrated all major applications, and it has supported our growth without issues.

I've contacted internal company IT support a few times while learning the intricacies of Okta Platform, but I've never reached out to Okta Platform's direct customer support.

My organization hasn't tried any alternatives to Okta Platform, and I personally haven't had the need to seek them out. Some people look for alternatives such as password managers, but those are not the same. Implementing a solution such as Okta Platform isn't straightforward without a team behind it, so once it was working here, there wasn't a felt need to explore other options. I'm unsure of what the previous system was, but I believe they considered Cisco Duo at one point without ultimately proceeding.

The initial deployment of Okta Platform was easy and without any significant bumps, as far as I know.

The deployment of Okta Platform involves a lot of collaboration across the security team, working with the CISO to ensure adherence to standards such as SOC and FINRA. Though technically it's not a one-person job, my company wouldn't implement it that way either, as there is always a team behind it.

I probably don't think of anything else, as Okta Platform does what it intends to do. Given my experience in the field, I recognize that these tools work well, but they're only as effective as their configuration and security hardening. My company has done an excellent job with Okta Platform, and I feel it's a quality product because it effectively integrates single sign-on and SAML authentication.

I'm not entirely sure if our organization uses Okta Platform to protect non-human identities, such as service accounts or AI agents, as we've rolled out chatbots and are developing them. I can't confidently answer that question.

Okta Platform does help address specific industry or regulatory requirements, such as those in healthcare and financial services, for both our organization as an outsourced IT service provider and internally when accessing platforms.

On my end, there are updates from time to time for apps on mobile devices or operating systems that need to be addressed, but company policies manage updates for company-owned workstations, so it's not too burdensome.

I'm not aware of any formal partnerships with Okta Platform in my department, so I can't speak to that.

I would rate this review an 8 overall.

I work for a review website for enterprise IT. We publish reviews for other people to read, either publicly or anonymously. We also work directly with Okta Platform, and they are interested in user feedback regarding what people like and what people dislike about their product. I am actively using Okta Platform.

Okta Platform team told us about a feature called Universal Directory. I have tried using it.

Okta Platform performs well regarding stability, lagging, crashing, and downtime.

Okta Platform can be scaled across different applications, platforms, and even for dashboard missions. It performs well regarding scalability.

I have not tried using any alternatives to Okta Platform or similar solutions.

Okta Platform pricing and deployment are easy.

One person can handle the deployment for a new client. Deploying Okta Platform does not require any maintenance on my end.

I do not have any partnerships with Okta Platform; I am just a customer. I will refer Okta Platform if scenarios arise. If anyone asks for a suggestion, I will definitely suggest Okta Platform. I would give Okta Platform a rating of nine out of ten because no software deserves a perfect score, but Okta Platform comes very close.

I have hands-on experience with Okta Platform for a little over three years, starting in 2023, integrating SaaS apps with SAML, OIDC, enabling MFA, including WebAuthn and FIDO2, and building group-based assignments.

Since then, I have day-to-day admin tasks including app onboarding, policy tuning, certificate and metadata rotation, lifecycle automation, HR-driven processes, and troubleshooting SSO issues end-to-end, including IDP and SP log attribute mapping and role entitlements.

The main use case is centralized SSO and MFA for internal apps with event-driven lifecycle automation and JML to enforce least privilege and clean deprovisioning. Some examples from a typical day include onboarding new hires every morning via HR events from Workday, ensuring the right access is provided and provisioning automatically to enforce MFA while keeping auditors happy regarding least privilege and SOD.

The HR trigger, such as Workday pushing a new hire to our IAM workflow, allows Okta Platform to serve as the IDP and source for app access, mapping job codes and departments to Okta Platform groups, such as sales to US finance analyst, while integrating apps toward Snowflake with read-only permissions. After integrating apps, the SSO setup gets done with SAML or OIDC protocols with Okta Platform as the IDP, validating NameID, subject format, sign, and encrypt settings while rotating all SP or IDP certificates as per schedule.

Subsequently, MFA and conditional access are arranged where policies require Okta Verify push on everything we engage with. We also manage attribute governance by maintaining profile mapping, including username, email ID, and department entitlements. App rules are assigned via groups, followed by monitoring and troubleshooting, ensuring a smooth deprovisioning process. For leavers, Workday termination revokes Okta Platform account and app assignments immediately, resulting in new hires being productive on day one while keeping admin efforts low and long ticket trails rare.

Automation has acted as a force multiplier for my workload and my team's efficiency. We moved from ticket-driven manual steps to a predictable policy-driven flow, making onboarding faster, cleaner, and far less noisy.

Okta Platform has positively impacted my organization through measurable risk reduction, faster onboarding, and fewer tickets. The concrete data indicates that the onboarding cycle time reduced by 50 to 60%, from one to two working days down to two to four hours for most SaaS apps. The day-one access rate has increased from 78 to 96%, with a relative score for new hires having required apps by 9:00 AM on their start date. Furthermore, the ticket volumes have fallen by 30 to 40% over the quarter.

The best features offered by Okta Platform that stand out most to me in my day-to-day work include Universal Directory and profile mapping, which matter as they form the foundation for clean attribute-driven access. I can normalize identities from HR and AD, map attributes once, and drive consistent entitlement across apps.

Additionally, features including group rules, dynamic assignments, SSO with robust protocols supporting SAML and various OIDC integrations, excellent provisioning, deprovisioning capabilities, adaptive MFA, WebAuthn, and efficient system and troubleshooting tools also stand out.

Universal Directory and profile mapping help me with day-to-day identity management by serving as the backbone for keeping identity data clean, consistent, and automation-friendly. Practically, Universal Directory acts as a single source of truth for users, allowing us to aggregate attributes from HR, Workday, AD, and other sources into a single Okta Platform user profile. This normalization standardizes formats, such as email in lowercase and phone numbers in E.164, preventing downstream apps from breaking due to case sensitivity or formatting.

Profile mapping enables me to transform attributes once, such as concatenating first.last for usernames, deriving different manager emails, and reusing them across all apps. This creates clean, predictable attributes driving group rules, which in turn govern app assignments and SCIM provisioning, making the JML process work efficiently without the need for tickets.

Okta Platform Integration Network's capability to enable faster deployments serves as a force multiplier for speed and risk reduction when it is mature and well-curated. It essentially turns a lot of custom work into configuration, which results in gains in deployment speed and reliability.

I assess the role of Universal Directory as a single source of truth for user identities in my organization as central to how we enforce identity hygiene and drive automated access. Its role functions as an authoritative profile and policy engine that normalizes identity data and pushes clean, consistent attributes downstream. We utilize it for data aggregation, normalization, profile mapping and precedence, attribute-driven access, federation claims, and policy enforcement. The measured outcomes with Universal Directory in the middle indicate that onboarding lifecycle durations dropped by more than 30 to 40%, with late access-related tickets falling by the same percentage, around 35 to 40%.

Although I am a fan of Okta Platform overall, there are areas where it could improve security outcomes and reduce admin friction. My top improvement areas include the system log and analytics upgrade, which are great for point troubleshooting, but trending and root cause analysis across large tenants still require exporting to SIEM. Verbose queries and long-range retention costs can add up. Additionally, while certificate rotations are better than most, the process is still manual for busy portfolios, especially concerning multi-SP SAML certificate rotations and app metadata drift.

Two more buckets of potential improvements for Okta Platform involve user experience and security. There is the issue of push fatigue and prompt sprawl, where users receive multiple prompts across different apps and sessions.

I arrived at the rating of eight because the core controls are strong and reliable, but a few operational UX and UI gaps prevent it from being rated higher. The reasons for not giving it a nine or ten include ongoing issues concerning safety and change safety, the complexity of group rules and mappings, and the lack of robustness in policy management. Additionally, there remains a need for more manual involvement than necessary, especially for large portfolios and dual certificate rotation, along with proactive SP data metadata validation.

I have been working in my current field since April 2023, with a little over three years of experience in that time.

Okta Platform is stable on an enterprise scale; however, scalability ultimately depends on how one architects and operates the system.

The scalability of Okta Platform is impressive, but its effectiveness relies on how integrations are designed, rate limits are handled, and day-to-day operations are managed. Customer support is generally reliable, featuring clear tiers with excellent assistance during roll-outs if the right plan is chosen and SLAs are well defined. Best outcomes emerge when paired with strong internal runbooks and partner support.

Overall, customer support tends to be dependable, but the real experience will depend on the support tier selected and the level of preparedness.

Before adopting Okta Platform, we utilized a homegrown SSO system employing ADFS for certain apps and direct LDAP binds for others, alongside a few apps with local accounts.

Automated lifecycle management has transformed my onboarding and offboarding efficiency significantly. Previously, onboarding felt toward a bottleneck, and offboarding raised risk concerns. Before implementing the Okta Platform-driven lifecycle, HR would create a ticket in ServiceNow, and three different teams would manually provision AD, email, and six to eight SaaS apps, which typically took around one to two business days, during which errors frequently occurred, including wrong groups and missed deprovisioning, resulting in no clean audit trail.

Offboarding was even worse, with terminations after hours sitting until the next day, creating 12 to 24-hour orphaned account windows across key apps. The task was to automate the entire JML process end-to-end. After integrating Okta Platform and linking HR to serve as Okta Platform UD, mapping everything, and designing attribute-driven access with SCIM provisioning while implementing movers logic, the results were remarkable. The time-to-access dropped from one to two days down to two to four hours for SCIM provisioning, improving day-one readiness from 78 to 96% for new hires. Manual provisioning tasks fell by 55%, allowing the IAM team to reclaim 10 to 12 hours per week to focus on governance and SOD areas.

This transformation allowed HR hires in Workday to auto-create the Okta Platform user, with Universal Directory attributes driving the assignment seamlessly.

My impression of the automated threat response feature in Okta Platform AI is that it brings net positive results concerning both speed and containment when tuned appropriately. It shortens the time from suspicious signals to protective actions, practically reducing risk without overwhelming the SOC with noise.

We have seen a return on investment with clear metrics that demonstrate both hard savings and reduced risk.

Pricing for Okta Platform has proven to be straightforward, with no challenges encountered. As a fully SaaS solution, everything is pre-built and managed by Okta Platform. The costs come down to paying for subscriptions, professional services, and ongoing operations, specifically licensing workforce identity with SSO and adaptive MFA for all employees, along with add-ons towards Lifecycle Management for JML automation at scale, Advanced Server Access for Linux and Windows servers, and IGA for access certification indicating SOD. The pricing per-user list drops when user counts rise and with multi-year commitments.

In evaluating options prior to choosing Okta Platform, we ran a structured assessment comparing various solutions such as ADFS, Duo plus manual JML, and also considered alternatives including Microsoft Entra ID and Ping Identity.

My advice for teams considering Okta Platform is to start with clear objectives and metrics, defining what success looks like to ensure effective implementation. I am providing this review with an overall rating of eight.

My use case for Okta Platform is that we mostly use it for SSO for the applications we have integrated with Okta. We primarily use SSO for user authentication, and user management is not particularly involved, but we are importing users from Active Directory to Okta.

I assess the role of Universal Directory as a single source of truth for our user identities by stating that there is an application called Workday, and from Workday to SailPoint, Okta Platform will be the target system for SailPoint. When a user joins the organization, aggregation runs from HRMS to SailPoint, which is responsible for creating the birthright application, with AD being one of those. Once the user is created in AD, import jobs will run based on the mapping we did with AD and Okta Platform, and the user will be created in Okta Platform.

The best features of Okta Platform include the import feature, which allows for new employees joining the organization to have their AD account created, and when this import runs from AD to Okta Platform, this employee will be created in Okta Platform. This feature represents automation between Okta Platform and AD.

Apart from these features, I appreciate that there are password policies and authentication policies or network zones we can configure in Okta Platform. If we want to restrict the users from logging in from specific network zones or blacklisted ones, we can configure those.

The context-aware policies of adaptive MFA influence my authentication process because we can enable more MFA based on client requirements. Okta Platform is one of the MFA tools available, alongside others such as RSA, and based on the requirements, we can enable those and apply the policy accordingly.

The positive impact I have seen from using Okta Platform is that it makes it easier for new joiners to get birthright access and have users added based on department or employee type. We implement rules and policies, such as when a user joins the sales department; we can configure the group rule, and the user will automatically be tagged to that specific group. This represents an automated process with Okta Platform, rather than doing it manually.

The automated lifecycle management helps with the efficiency of onboarding and offboarding by ensuring that once a user joins the organization, they come into HRMS. From there, it goes to AD, and the target will be Okta Platform. Birthright access and applications are provisioned based on conditions. For offboarding, if an event is triggered, such as leaver or termination, values will be populated in AD, and once the import runs, Okta Platform will terminate the user, disabling access and removing whatever accesses the user had.

In Okta Platform, I do not see much room for improvement because currently, they are managing automations and the new workflow, which helps with automation. Previously, this was not available in Okta Platform, but it was introduced recently.

The automation aspect can be improved.

I have been using Okta Platform for three and a half years.

The stability of Okta Platform, I would say, is an eight because it is growing day by day. Previously, it had static features without automation, but currently, it is moving towards automation and introduced workflows.

I would consider the scalability of Okta Platform to be a six.

The scalability rating of six is due to factors that come with the tenant and the specific elements around that, which I am not entirely sure about.

My relationship with the vendor is as a customer and partner. When we have issues with Okta Platform, we reach out to their support team, and they take care of the issues we encounter.

We do not go through AWS, GCP, or Azure for Okta Platform; instead, we usually access the Okta Platform support portal to raise our concerns, and the team reaches out to us to resolve those issues, sometimes scheduling meetings as needed.

Before using Okta Platform, I did not really use any other software, but I did consider Entra ID, which is most probably similar to Okta Platform. However, Okta Platform has a user-friendly interface and is easy to use.

The integration aspects include that the capabilities come with modern protocols, making it easier for integration with various protocols and target systems.

Integration capabilities of Okta Platform enable faster deployment, as they support modern protocols such as IDP and SSO.

I have not used Okta Platform AI, but I need to check on its automated threat response features.

Regarding pricing for Okta Platform, I am not aware of how much it costs because I used to work as a consultant for them, and the licensing details are taken care of by the sales team or others.

The solution requires little maintenance, and I would say it is easier to maintain compared to other IM platforms such as SailPoint, which had huge coding and infrastructure costs.

My advice to others looking to implement Okta Platform is to definitely go for the software instead of Entra ID, as it offers a much easier and user-friendly UI.

We had a bunch of Active Directory servers, Windows Active Directory servers on-premises. We did an Okta Platform agent installation on those servers to synchronize the identities from Active Directory to Okta Platform. We then leveraged that integration and configured it as an Identity and Access Management and SSO solution.

I used Okta Platform as Identity and Access Management, which served as the source of truth for every single application entitlement and role-based access. Role-based access was a particularly important feature. Multi-Factor Authentication was essential, and I am using and consuming a lot of those even today for a couple of applications, though I am not managing that particular Okta Platform instance as it is managed by a third party. Identity and Access Management, Multi-Factor Authentication, role-based access, and SSO were all critical components, serving as the source of truth for the entire application footprint. I also used Okta Platform for Zero Trust Network Access on the consumer side, which was a Palo Alto engine that I integrated with Okta Platform.

Okta Platform is a SaaS service, not something which you have to host yourself on-premises. Of course, you need agents to synchronize if you are already moving from a traditional on-premises identity-based architecture. Okta Platform is SaaS-based. While there are competitors such as Ping Identity, which used to be a great one but has since been acquired, and Microsoft Entra, which does all of it as well, Okta Platform has a lot of advantages. Okta Platform has very rich integration capabilities with a lot of other vendors, including deep integration capabilities with Zscaler, CrowdStrike, most of the ZTNA vendors, and CASB vendors. The number of applications that you can natively integrate with it out of the box is quite huge. Another advantage is the risk-based authentication capability, where Okta Platform gives you the capability to have step-up authentication based upon superhuman activity or unusual login detections. MFA is fairly seamless, and while it is not something that Okta Platform is doing alone as others are doing it as well, Okta Platform is stable with no issues with downtime or maintenance. I never had any challenges with that. The rich integrations are a significant advantage.

Context-awareness is more about not just the username or service principals, but also depends upon where and how that particular user is accessing things from. If a particular user changes the endpoint from which they are trying to log in or changes location quite abruptly within a span of few minutes, which is superhuman activity, then that additional context gets captured. You get a true risk-based authentication wherein you have to satisfy more authentication parameters or factors before you can actually get access to the resource.

At the same time, you can also do a lot of conditional access things where if there is a certain level of risk associated with that particular authenticated session, then you can actually restrict the level of access that that particular user can have so that you do not penalize the user just because some session is potentially risky. You can let the user have the ability to do at least the basic work or remediate things. Okta Platform is a full-blown Identity and Access Management solution, so it does send out attributes which can be passed from the identity to the service principle, which is your application. Depending upon that, you can let the application know that this particular user, because it is risky, is not going to be able to access the usual things, but maybe restrict the access. This is completely based upon the context of that particular user's authentication session.

Okta Platform does what it promises that it does. It is certainly all cloud-based as a SaaS solution. For enterprises which really prefer to have their own identity within their own perimeter, Okta Platform might not be the solution they might look for. Of course, there are ways you can get your dedicated tenant, especially for governments and federal agencies and all of those things. I have not tried those use cases. I think Okta Platform is the best of the class and appears consistently at the top of the Gartner report and other research.

Based on the use cases I had, I was fairly happy with it. The PAM capabilities and attribute-based access controls, ABAC, represent a new paradigm. How practical that is for enterprises to deploy largely depends upon the use cases. There is always room for improvement, and it is not just for Okta Platform but typically for every single customer identity provider. There are a lot of other things the biometric and FIDO and all of those which can certainly be improved. However, that is more of a technological constraint rather than the vendor itself.

I have experience working on Okta Platform Identity and Access Management and Secure Server Access. The earliest I remember was back in 2019.

Okta Platform is stable with no issues with downtime or maintenance. I never had any challenges with stability.

Scalability is handled because Okta Platform is a SaaS solution, so it is infinitely scalable. I have account managers that get assigned to the account who make sure that the underlying infrastructure is there to support the need for a lot of user identities that will be getting deployed. I never had any outages. I would rate it like eight or nine.

Support is great. You get in-line support by just logging into it. I never faced a lot of challenges. There were one or two instances where the MFA was a bit slow, but they took care of it very quickly.

The earliest I remember was back in 2019 when I first worked on Okta Platform doing integrations with Zscaler Private Access and Zscaler Internet Access. We had a bunch of Active Directory servers, Windows Active Directory servers on-premises, and we did an Okta Platform agent installation on those servers to synchronize the identities from Active Directory to Okta Platform. I then leveraged that integration and configured it as an Identity and Access Management and SSO solution.

Right now I am not using Okta Platform. I am currently using Entra ID, but I was a customer of Okta Platform until six or seven months ago.

The initial setup is really straightforward. You get a tenant and you get in-line help. The documentation is very feature-rich. It is really straightforward. It takes time depending upon the number of identity providers that you need to integrate with, especially if you are doing a brownfield deployment. For a greenfield deployment, you just get a tenant assigned and start configuring it. It does not take a lot of time.

I have not been asked about implementation teams. I am not even sure if that is a standard practice because Okta Platform sits in its own tenant and I do not think there is anything there.

The reason why I purchased Okta Platform was primarily to centralize Identity and Access Management because it was all scattered. From the identity and access governance standpoint, it made sense to not rely on scattered identity providers but to actually have a single centralized IDP. The ROI comes not from Okta Platform itself, of course, the platform enables it, but the thought process that goes into having all of the identities stored in one single tool, which eases a lot of your entitlements. You do not have to go into different places and give people entitlements. The identity and access governance timeline shortens drastically. Okta Platform has its own IAG as well, which is in-built. If you are a small or mid-sized company, you do not need to have a dedicated IAG and all of those things. Okta Platform can work alone. You can eliminate a lot of inconsistencies and sprawls with your existing tool stack if you move into this. Of course, it is true for Entra ID as well, but with Okta Platform, I think it is one solution that can take care of most of your identity and access related needs.

You get a real value for your money. Whatever amount you spend, you get a bang for it. Okta Platform is decently priced. It is certainly not cheap, but the features that you get, the functionality that you get, and whatever use cases that you have, it definitely satisfies those. There are no hidden things there. Once you have deployed it, they do not ask you for buying other things for integration or just to take care of your use cases. I think they are selling whatever is worth it if you are putting it in.

The primary competitors I would think are Azure Entra ID. Azure Entra ID is one of the closest competitors. Both cater to different use cases. Based upon the use cases that I had, there were not a lot where one could do and the other could not. Both are in the same realm.

Based on the use cases I had, I was fairly happy with it. The IAG, Identity and Access Governance, is one of the best features. You can use that for taking care of a lot of your entitlements. If there are people who are getting onboarded, such as bulk users getting onboarded which is true for most of the IT services industries where there are hundreds of people joining every week, and people getting offboarded, those automated lifecycle policies automate the entire thing. It not just removes or suspends your identities, but it also conveys it to the downstream applications. It is one of the best things that they introduced a couple of years ago. I would give Okta Platform an overall rating of nine out of ten.