Okta Identity Engine

Enable Okta for VMware vCenter Server

In today’s security landscape, identity management and multifactor authentication (MFA) are crucial components. The latest release of vSphere, vSphere 8 Update 1, introduces support for cloud-based identity providers in vCenter, including the widely used Okta service. With this new capability, vSphere administrators can leverage modern identity management features for enhanced security and streamlined operations. Prerequisites…

Creating a Twilio Messaging Connector with Workflows Connector Builder

Okta has just made generally available its Workflows Connector Builder and I am writing this post to celebrate. Okta’s Workflows Connector Builder delivers the powerful concept of reuse to your Workflows. It allows you to build connections and actions once for re-use throughout all of your Workflows. Additionally, it gives vendors the opportunity to build and…

Bring Your Own Messaging Provider: WhatsApp OTP with Inline Hooks & Workflows

Okta’s Identity Engine introduced an Inline Hook for Telephony, effectively allowing you to replace Okta’s inbuilt SMS solution with your own provider. This empowers customers to manage their own numbers and providers around the world, allowing for cost and delivery optimisation. It also paves the way for adding additional channel options for OTP messages. Messaging…

Secure your VMware Web Proxy access with Okta

Overview / Prerequisites In this blog I want to guide you through the process of how we can integrate Okta as the IdP with VMware Web Proxy and how the User Experience looks. I will not cover how to create a Security Policy on the VMware side, but you can read these basic steps in my…

Phishing Resistant Authenticators in action through Okta Fastpass

In this blog, I will showcase how Okta is able to prevent and stop phishing attempts crafted by EvilGinX (MiTM) to your end users. Aside from preventing the phishing attempt, Okta can also be configured to orchestrate back-end orchestration flows that will raise awareness to your end users and also deliver a SecOps capability.

VMware SD-WAN Orchestrator Single Sign-On powered by Okta

In this article I would like to describe how to integrate Okta into the SD-WAN Orchestrator and use Single Sign On (SSO) with different user types. VMware SD-WAN Orchestrator provides centralized, enterprise-wide installation, configuration, and real time monitoring, in addition to orchestrating the data flow through the cloud network. Prerequisites Configure Okta for Single Sign…

Fixed Recovery Questions with Workflows

Recently an Okta customer was interested in being able to set a fixed Recovery Question for a subset of its employees. In particular they wanted to use an attribute from their source of truth as a security answer. Having a fixed security question and answer based on an employee attribute does have security drawbacks however…

Okta Devices SDK Sample App

Powered by the Okta Devices Platform Service, the Okta Devices SDK and the Devices API offer a single integration to unify user identity and device identity, along with all of the tools necessary to build passwordless sign-in flows through branded push notifications and biometric capabilities. All of these powerful functionalities come together to deepen security…

Enforcing device assurance on unmanaged devices (BYOD)

One of the biggest challenges for organisations is being able to increase the security posture of their employees’ BYOD devices while respecting their privacy and improving their user experience. Okta recently announced the new feature called Okta Device Assurance, which allows organisations to increase the posture of their BYOD users leveraging the Okta Verify Application. Until…

Optimising Twilio Flex Licensing with Okta Workflows

Twilio Flex, Twilio’s contact centre solution, supports SAML 2.0 for Agent and Supervisor provisioning and access. Users are provisioned Just In Time into TaskRouter workers with skills and attributes created or updated when a user logs in. Unfortunately Twilio provides no standard way of de-provisioning users. This means that Flex licenses may continue to be…

Getting Started with Okta

Okta provides cloud software that helps companies manage and secure user authentication into applications, and for developers to build identity controls into applications, websites, web services and devices (see wiki). See this great introductory video too. The purpose of this article is to detail my experience in getting started with the Okta (Identity Engine or…

Choosing Specific Factors in OIE with the API

Okta Identity Engine provides increased flexibility for Authentication with Application Level Policies and easy to configure passwordless sign-in experiences. These are covered extensively in our deployment guides: Authentication policies deployment guide and Passwordless authentication deployment guide. It also provides a simplified administrator experience by moving from Factor sequencing to Assurance Models. This new experience is simple…

Okta Custom Domain Configuration with Let’s Encrypt Certificates

This guide will walk through the process of changing your Okta URL to a custom domain. In this guide, I’ll be using my domain hogwartsadmin.com, which has been purchased through GoDaddy, Let’s Encrypt (TLS Certificate) and Google’s Dig (for DNS Lookup). Step 1: Decide on and enter custom domain name in your Okta Tenant Once…

Manage user devices authorised to access applications

Fine-grained Device level authorisation was not really possible before devices became a first class citizen in the Okta Identity Engine. User Devices (with Okta FastPass installed) could always be Suspended or Deactivated in OIE (Directory → Devices), but this would prevent the user from using their device to access any applications in Okta. This…

Okta Sign On Error Message Customizations

With the increase in Adaptive MFA use cases and all the different combinations of posture presented to evaluate the sign-in to a resource, organisations need to customize their messaging to their end users to provide context and reduce friction in the login experience. Keep in mind that for security reasons we may not want to…

Office 365 / Azure AD seamless Users and Passwords Migration to Okta

In today’s world, more and more organizations are looking at simplifying their Identity and access management solution in order to better secure their identity but also to reduce cost while improving the user experience. One of the use cases we see more and more is organizations using Okta to centralise their users coming from multiple…

Okta End-to-End Passwordless and true SSO Experience into Microsoft Azure Virtual Desktops (AVD)

As we evolve through the new “normal”, most organizations are looking to make their digital user experience frictionless in order to increase workforce productivity while working from anywhere. This is where Identity and Access Management plays a fundamental part, and one of the key capabilities to enhance user experience is “PasswordLess”. At…

Setup Okta as IdP with ADFS (SP)

Take advantage of the Okta Passwordless experience to access all your ADFS integrated applications. In this article we are integrating Okta as IdP with ADFS as SP where Salesforce has been SAML integrated with ADFS. Prerequisites: Active Directory running 2008 R2 or higher. ADFS installed and configured. (ADFS doesn’t need to be exposed to the internet…

VMware Horizon Passwordless experience powered by Okta

-This article is written for lab demonstration purposes and some of the practices are not recommended for production- As part of a customer requirement project, I was asked to prove/demo how Okta can help deliver a passwordless experience in order to let their End Users seamlessly access their Virtual apps and desktops from anywhere.…