Workforce Identity

Bring Your Own Messaging Provider: WhatsApp OTP with Inline Hooks & Workflows

Okta’s Identity Engine introduced an Inline Hook for Telephony, effectively allowing you to replace Okta’s inbuilt SMS solution with your own provider. This empowers customers to manage their own numbers and providers around the world, allowing for cost and delivery optimisation. It also paves the way for adding additional channel options for OTP messages. Messaging…

Fixed Recovery Questions with Workflows

Recently an Okta customer was interested in being able to set a fixed Recovery Question for a subset of its employees. In particular they wanted to use an attribute from their source of truth as a security answer. Having a fixed security question and answer based on an employee attribute does have security drawbacks however…

Optimising Twilio Flex Licensing with Okta Workflows

Twilio Flex, Twilio’s contact centre solution, supports SAML 2.0 for Agent and Supervisor provisioning and access. Users are provisioned Just In Time into TaskRouter workers with skills and attributes created or updated when a user logs in. Unfortunately Twilio provides no standard way of de-provisioning users. This means that Flex licenses may continue to be…

Choosing Specific Factors in OIE with the API

Okta Identity Engine provides increased flexibility for Authentication with Application Level Policies and easy to configure passwordless sign-in experiences. These are covered extensively in our deployment guides: Authentication policies deployment guide and Passwordless authentication deployment guide. It also provides a simplified administrator experience by moving from Factor sequencing to Assurance Models. This new experience is simple…

Manage user devices authorised to access applications

Fine-grained device-level authorisation was not really possible before devices became a first-class citizen in the Okta Identity Engine. User Devices (with Okta FastPass installed) could always be Suspended or Deactivated in OIE (Directory → Devices), but this would prevent the user from using their device to access any applications in Okta. This…

Okta Sign On Error Message Customizations

With the increase in Adaptive MFA use cases and all the different combinations of posture evaluated when signing in to a resource, organisations need to customize their messaging to end users to provide context and reduce login friction. Keep in mind that for security reasons we may not want to…

Office 365 / Azure AD Seamless Users and Passwords Migration to Okta

In today’s world, more and more organizations are looking at simplifying their Identity and Access Management solution in order to better secure their identities, but also to reduce cost while improving the user experience. One of the use cases we see more and more is organizations using Okta to centralise their users coming from multiple…

Okta End-to-End Passwordless and true SSO Experience into Microsoft Azure Virtual Desktops (AVD)

As we evolve through the new “normal”, most organizations are looking to make their digital user experience frictionless in order to increase workforce productivity while working from anywhere. This is where Identity and Access Management plays a fundamental part, and one of the key capabilities for enhancing user experience is “PasswordLess”. At…

Setup Okta as IdP with ADFS (SP)

Take advantage of the Okta Passwordless experience to access all your ADFS-integrated applications. In this article we integrate Okta as IdP with ADFS as SP, where Salesforce has been SAML-integrated with ADFS. Prerequisites: Active Directory running 2008 R2 or higher. ADFS installed and configured. (ADFS doesn’t need to be exposed to the…