Okta recently released an LDAP service to complement its web application single sign-on (SSO) platform. Okta is looking to enable their customers to authenticate users to more than just web applications or applications that do not make use of the SAML authentication protocol. The question for IT admins is whether an Okta LDAP solution is a useful addition to their overall identity management approach or not.
Okta’s Pre-LDAP Roots
The traditional focus of Okta has been SSO. In fact, they were a pioneer in helping to drive the first generation Identity-as-a-Service (IDaaS) category. That category materialized when a gulf formed between on-prem identities provided by the legacy identity provider (IdP), Microsoft Active Directory® (AD), and web applications like Salesforce® and Google Apps™ (now G Suite™). Users needed a single identity to access all of their IT resources, but on-prem identities did not extend to cloud resources. Okta recognized this deficiency and utilized the SAML protocol to federate user identities from AD to the cloud. There they would be used to authenticate users into web applications. This strategy propelled Okta to become a market leader for a number of years in the SaaS-based web application SSO space.
Customer Base and Active Directory
Okta’s customers are generally the largest enterprises we have in business today. Most of those enterprises utilize AD as their identity store. It makes sense because Okta is made to complement AD. So, while synergy is good, the problem with this approach is that it leaves organizations straddling the line between on-prem and web solutions. The result for IT admins and workers alike is that there is a significant amount of overhead and management that must be dealt with. Aside from those challenges, there’s always the price.
The cost of using Okta has recently increased to upwards of $25 per user per month. That has left many IT organizations, the ones who are not exactly massive enterprise-type entities, to consider if there is an alternative approach to Active Directory with Okta bolted on. They have seen the benefits of identity management via Okta’s web portal. Many are (Read more...)