A quick Okta® review reveals that the company is one of the leading web application single sign-on (also called SSO) solutions available. Okta pioneered the first-generation Identity-as-a-Service (IDaaS) category, which is essentially web app SSO in the cloud. While a generation of on-prem SSO players existed before Okta, those SSO providers did not make the leap to deliver web application SSO from the cloud. So, while users of both on-prem legacy applications via LDAP (e.g., Jira and Git) and Microsoft® Active Directory® experienced the simplicity of SSO for some IT resources, they were left out in the cold when it came to SSO for web applications, which utilize SAML.
Okta: Bridging The Gap Between On-Prem and Web Apps
The management of web application access can pose a significant challenge for many organizations. Those employing Microsoft Active Directory (MAD or AD) on-prem experience a gap with regard to federating identities to web applications because MAD wasn’t built to support this kind of IT resource. As a result, Okta emerged to fill the gap between an on-prem Active Directory implementation and web applications in the cloud. Over time, Okta and other IDaaS providers added enhancements, such as application-level multifactor authentication (also called MFA, Two Factor Authentication, and 2FA), to increase security.
The key thing to note with this setup, though, is that most organizations leverage a web application SSO solution with Active Directory as their core identity provider. Organizations are generally unable to rely solely on SSO providers because, while they do not require a core identity provider, they can’t function as a directory service themselves, and they primarily manage user access only to web-based applications. The problem is that organizations that utilize just an SSO provider will lack a true central, authoritative source that can manage identities across their on-prem and cloud IT resources. This includes infrastructure like WiFi and wired Internet through RADIUS, or NAS storage devices from Synology, QNAP, and FreeNAS, and cloud resources like servers hosted in AWS® or Google