Endpoint

5/23/2018
01:10 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Okta Launches 'Sign In with Okta,' Business Authentication for App Providers

'Sign in with Okta' is designed to give developers a faster alternative to SAML, simplify single sign-on for IT admins, and help eliminate app passwords for users.

LAS VEGAS  — May 23, 2018 — Okta, Inc. (NASDAQ:OKTA), the leading independent provider of identity for the enterprise, today announced Sign In with Okta, a secure authentication system for app providers and developers that combines the ease of social authentication with the security of enterprise infrastructure. Fuze, OrgWiki, VMware and Zylo are launch partners of Sign In with Okta.

Since 2016, Okta has supported OpenID Connect and today, the company is making it easy for developers to use OpenID Connect as an alternative to SAML. With Sign In with Okta, any app and service can easily add a federated Single Sign-On experience for both their B2B customers and the extended partner, supplier and contractor ecosystem. SSO configuration is made simpler for IT, and users gain access to more applications without the burden of additional usernames and passwords.

“Our partners are increasingly coming to Okta as the central connection to thousands of apps and services – and we wanted to make it easier for those technologies in our ecosystem to offer the best experience possible for our customers,” said Todd McKinnon, Chief Executive Officer and co-founder, Okta. “Sign In with Okta takes the challenge out of building a simple, secure user experience. By accelerating developers’ ability to provide secure access for enterprise users – be they B2B customers, partners, subsidiaries or internal employees – to their app or portal with one simple button, we’re able to extend the benefits of Okta’s simple, identity-driven security to everyone in our ecosystem.”

Rather than going through the process of integrating a SAML toolkit, developers at organizations such as Fuze, OrgWiki, VMware and Zylo are adding the Sign In with Okta button, saving weeks of development time. And by adding Sign In with Okta to their product or portal, developers can accelerate adoption throughout the enterprise both by meeting security standards needed by enterprises and by making it easier for IT administrators to integrate and manage – and end users to get access to – an application via Okta.

In addition, Sign In with Okta makes it easier for an enterprise to connect its business partners, such as suppliers and contractors, to an application by allowing partners to use their Okta organization credentials to sign in; Sign In with Okta allows partners to bring their own identity. With no responsibility for securing the passwords of a partner, enterprises can eliminate the inherent risks of maintaining third-party passwords. Further, a company can forgo building authentication and managing user credentials for their B2B app, saving time and money with Sign In with Okta.

"Okta makes it easy for OrgWiki users to log in with the right account, similar to sign-in tools for social authentication," said Chris van Loben Sels, General Manager, OrgWiki at Veeva Systems. "Our developers were able to quickly implement business authentication into the application, and deliver customers strong security and identity management across all their users."

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Who Takes Responsibility for Cyberattacks in the Cloud?
Kelly Sheridan, Staff Editor, Dark Reading,  1/11/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: On the SS7 network, nobody knows you're a dog.
Current Issue
The Year in Security 2018
This Dark Reading Tech Digest explores the biggest news stories of 2018 that shaped the cybersecurity landscape.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-18812
PUBLISHED: 2019-01-16
The Spotfire Library component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace, and TIBCO Spotfire Server contains a vulnerability that might theoretically fail to restrict users with read-only access from modifying files stored in the Spotfire Library, only when the S...
CVE-2018-18813
PUBLISHED: 2019-01-16
The Spotfire web server component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace, and TIBCO Spotfire Server contains multiple vulnerabilities that may allow persistent and reflected cross-site scripting attacks. Affected releases are TIBCO Software Inc. TIBCO Spotfire...
CVE-2018-18814
PUBLISHED: 2019-01-16
The TIBCO Spotfire authentication component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace, and TIBCO Spotfire Server contains a vulnerability in the handling of the authentication that theoretically may allow an attacker to gain full access to a target account, indep...
CVE-2018-5740
PUBLISHED: 2019-01-16
"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is i...
CVE-2018-5741
PUBLISHED: 2019-01-16
To provide fine-grained controls over the ability to use Dynamic DNS (DDNS) to update records in a zone, BIND 9 provides a feature called update-policy. Various rules can be configured to limit the types of updates that can be performed by a client, depending on the key used when sending the update ...