Endpoint

5/23/2018
01:10 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Okta Launches 'Sign In with Okta,' Business Authentication for App Providers

'Sign in with Okta' is designed to give developers a faster alternative to SAML, simplify single sign-on for IT admins, and help eliminate app passwords for users.

LAS VEGAS  — May 23, 2018 — Okta, Inc. (NASDAQ:OKTA), the leading independent provider of identity for the enterprise, today announced Sign In with Okta, a secure authentication system for app providers and developers that combines the ease of social authentication with the security of enterprise infrastructure. Fuze, OrgWiki, VMware and Zylo are launch partners of Sign In with Okta.

Since 2016, Okta has supported OpenID Connect and today, the company is making it easy for developers to use OpenID Connect as an alternative to SAML. With Sign In with Okta, any app and service can easily add a federated Single Sign-On experience for both their B2B customers and the extended partner, supplier and contractor ecosystem. SSO configuration is made simpler for IT, and users gain access to more applications without the burden of additional usernames and passwords.

“Our partners are increasingly coming to Okta as the central connection to thousands of apps and services – and we wanted to make it easier for those technologies in our ecosystem to offer the best experience possible for our customers,” said Todd McKinnon, Chief Executive Officer and co-founder, Okta. “Sign In with Okta takes the challenge out of building a simple, secure user experience. By accelerating developers’ ability to provide secure access for enterprise users – be they B2B customers, partners, subsidiaries or internal employees – to their app or portal with one simple button, we’re able to extend the benefits of Okta’s simple, identity-driven security to everyone in our ecosystem.”

Rather than going through the process of integrating a SAML toolkit, developers at organizations such as Fuze, OrgWiki, VMware and Zylo are adding the Sign In with Okta button, saving weeks of development time. And by adding Sign In with Okta to their product or portal, developers can accelerate adoption throughout the enterprise both by meeting security standards needed by enterprises and by making it easier for IT administrators to integrate and manage – and end users to get access to – an application via Okta.

In addition, Sign In with Okta makes it easier for an enterprise to connect its business partners, such as suppliers and contractors, to an application by allowing partners to use their Okta organization credentials to sign in; Sign In with Okta allows partners to bring their own identity. With no responsibility for securing the passwords of a partner, enterprises can eliminate the inherent risks of maintaining third-party passwords. Further, a company can forgo building authentication and managing user credentials for their B2B app, saving time and money with Sign In with Okta.

"Okta makes it easy for OrgWiki users to log in with the right account, similar to sign-in tools for social authentication," said Chris van Loben Sels, General Manager, OrgWiki at Veeva Systems. "Our developers were able to quickly implement business authentication into the application, and deliver customers strong security and identity management across all their users."

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/14/2018
Intel Reveals New Spectre-Like Vulnerability
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/15/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-13435
PUBLISHED: 2018-08-16
** DISPUTED ** An issue was discovered in the LINE jp.naver.line application 8.8.0 for iOS. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method to disable passcode authentication. NOTE: the vendor indicates that this is not an attack of interest w...
CVE-2018-13446
PUBLISHED: 2018-08-16
** DISPUTED ** An issue was discovered in the LINE jp.naver.line application 8.8.1 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return value to true. In other words, an attacker could authenticate with an arbitrary passcode. ...
CVE-2018-14567
PUBLISHED: 2018-08-16
libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.
CVE-2018-15122
PUBLISHED: 2018-08-16
An issue found in Progress Telerik JustAssembly through 2018.1.323.2 and JustDecompile through 2018.2.605.0 makes it possible to execute code by decompiling a compiled .NET object (such as DLL or EXE) with an embedded resource file by clicking on the resource.
CVE-2018-11509
PUBLISHED: 2018-08-16
ASUSTOR ADM 3.1.0.RFQ3 uses the same default root:admin username and password as it does for the NAS itself for applications that are installed from the online repository. This may allow an attacker to login and upload a webshell.