Endpoint

5/23/2018
01:35 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Okta Releases New API Offering for App, Website Authentication

LAS VEGAS — May 23, 2018 — Okta, Inc. (NASDAQ:OKTA), the leading independent provider of identity for the enterprise, today announced a new API offering. API Products for One App, makes it easy and affordable for engineering teams to use Okta to power modern authentication for any single website or application. Okta is also making API Products for One App – which includes Multi-Factor Authentication (MFA) – available for free with “Identity by Okta” branding.

“Protecting identities is hard. Building a secure authentication, authorization and user management stack for your applications is even harder. The vast number of breaches and massive extent of data loss occurring today suggests that we need a simpler and more effective way to embed identity and authentication solutions,” said Okta CEO and co-founder, Todd McKinnon. “We believe that every organization in the world should have the best technology available to protect their identities, data and privacy. Now, with Okta API Products for One App, development teams don’t have to debate whether they should try to build authentication themselves – they can just use Okta.”

Identity for any app

The investment needed to build out secure identity infrastructure can be overwhelming for large enterprises focusing on a single digital experience, startups experiencing hyper growth and non-profits. Okta API Products are used today by hundreds of organizations as their enterprise-wide identity API for developers. Okta API Products for Developers, introduced last year, also made it easy for dev teams to use identity and access management on a small scale with Okta. Now, with the launch of Okta API Products for One App, any app development team can take advantage of Okta API Products for a single app. New developers can also opt to use API Products for One App for free by displaying “Identity by Okta” on the login page of their app.

Okta’s new API Products for One App includes:

·       Authentication and Directory Services – Easily drop authentication into any web or mobile app. 

·       Self-Registration – Allow users that are actively a part of your community to self-register.

·       Social Authentication – Enable end users to log in with something they already know by enabling social login with streamlined OAuth 2.0 connections, rich user profiles and authorization.

·       Centralized Identity Management – Developers can take advantage of a central admin console for managing users, groups, apps, APIs, devices and policies.

·       Secure Multi-Factor Authentication – Leverage SMS-based one-time passcodes and/or the most secure experience, Okta Verify, for a second factor.

·       Developer-Friendly Tools and Controls – Use Okta’s widgets, SDKs, toolkits, documentation, wizards and code snippets for modern environments to make it simple for developers to add modern identity to any app in minutes with full protocol, factor and policy support. 

·       REST API – Offer developers maximum control over the user experience and automating identity administration with direct access to the full granularity of the Okta REST API. 

Nonprofit social enterprise TechSoup has helped one million NGOs globally gain access to the technology and services they need to build a more equitable planet. With 70 partner NGOs around the world, TechSoup also manages the only global philanthropy program that brings together over 100 tech companies to provide technology donations to NGOs worldwide. TechSoup’s platform enables member nonprofits to get donated products from top technology providers, find resources and training, and connect with peer organizations through community forums. Now, with Okta’s new identity offering, TechSoup will be able to power a more seamless, secure authentication experience to its member community. 

“Our mission at TechSoup is to equip changemakers with the transformative technology solutions and skills they need to improve lives globally and locally. That means we need our own best-in-class solution to ensure the organizations we serve have access to the resources and information they need, when they need it, all in a seamless way,” said Jackey Wall, Vice President of Enterprise Architecture at TechSoup. “We’re also a nonprofit ourselves, and with Okta, we don’t have to dedicate our resources to building authentication. Okta takes care of powering a simple, secure customer experience for our members – letting us focus on delivering the best programs possible to help our members have a positive impact on the world.”

Security for any app

Today’s complex threat landscape requires software providers to maintain complex authentication strategies in order to protect their customers’ information. Okta API Products for One App includes Okta MFA, removing that burden from developers, helping protect the sensitive information in their applications and freeing them up to solve other technical challenges. With Okta MFA, developers can add strong authentication either at the initial login or through contextual step-up authentication for sensitive resources and actions throughout an app experience – providing stronger identity-driven security for their customers. New developers can also add Okta MFA to their application for free if they display the “Identity by Okta” branding.

One company benefiting from Okta MFA is Namely, an HR platform that makes it easy for companies to handle their HR, payroll, time management, and benefits in one place. With over 1,000 customers serving more than 175,000 employees globally, ensuring that their customers’ sensitive personal information stays secure is a top priority.

“We set out to create an all-in-one Human Resource platform that employees actually love to use: powerful, simple technology that handles every need in one place. And because we handle such sensitive information about people, security is critical to our platform,” said Graham Younger, Chief Revenue Officer and President at Namely. “We’re experts in HR, and Okta is an expert in authentication. By adding Okta MFA to our platform, we’re able to ensure a seamless and secure user experience for our shared customers.”

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
'PowerSnitch' Hacks Androids via Power Banks
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/8/2018
The Case for a Human Security Officer
Ira Winkler, CISSP, President, Secure Mentem,  12/5/2018
Windows 10 Security Questions Prove Easy for Attackers to Exploit
Kelly Sheridan, Staff Editor, Dark Reading,  12/5/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
10 Best Practices That Could Reshape Your IT Security Department
This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-8651
PUBLISHED: 2018-12-12
A cross site scripting vulnerability exists when Microsoft Dynamics NAV does not properly sanitize a specially crafted web request to an affected Dynamics NAV server, aka "Microsoft Dynamics NAV Cross Site Scripting Vulnerability." This affects Microsoft Dynamics NAV.
CVE-2018-8652
PUBLISHED: 2018-12-12
A Cross-site Scripting (XSS) vulnerability exists when Windows Azure Pack does not properly sanitize user-provided input, aka "Windows Azure Pack Cross Site Scripting Vulnerability." This affects Windows Azure Pack Rollup 13.1.
CVE-2018-8617
PUBLISHED: 2018-12-12
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8...
CVE-2018-8618
PUBLISHED: 2018-12-12
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8...
CVE-2018-8619
PUBLISHED: 2018-12-12
A remote code execution vulnerability exists when the Internet Explorer VBScript execution policy does not properly restrict VBScript under specific conditions, aka "Internet Explorer Remote Code Execution Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Exp...