Endpoint

5/23/2018
01:10 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Okta Launches 'Sign In with Okta,' Business Authentication for App Providers

'Sign in with Okta' is designed to give developers a faster alternative to SAML, simplify single sign-on for IT admins, and help eliminate app passwords for users.

LAS VEGAS  — May 23, 2018 — Okta, Inc. (NASDAQ:OKTA), the leading independent provider of identity for the enterprise, today announced Sign In with Okta, a secure authentication system for app providers and developers that combines the ease of social authentication with the security of enterprise infrastructure. Fuze, OrgWiki, VMware and Zylo are launch partners of Sign In with Okta.

Since 2016, Okta has supported OpenID Connect and today, the company is making it easy for developers to use OpenID Connect as an alternative to SAML. With Sign In with Okta, any app and service can easily add a federated Single Sign-On experience for both their B2B customers and the extended partner, supplier and contractor ecosystem. SSO configuration is made simpler for IT, and users gain access to more applications without the burden of additional usernames and passwords.

“Our partners are increasingly coming to Okta as the central connection to thousands of apps and services – and we wanted to make it easier for those technologies in our ecosystem to offer the best experience possible for our customers,” said Todd McKinnon, Chief Executive Officer and co-founder, Okta. “Sign In with Okta takes the challenge out of building a simple, secure user experience. By accelerating developers’ ability to provide secure access for enterprise users – be they B2B customers, partners, subsidiaries or internal employees – to their app or portal with one simple button, we’re able to extend the benefits of Okta’s simple, identity-driven security to everyone in our ecosystem.”

Rather than going through the process of integrating a SAML toolkit, developers at organizations such as Fuze, OrgWiki, VMware and Zylo are adding the Sign In with Okta button, saving weeks of development time. And by adding Sign In with Okta to their product or portal, developers can accelerate adoption throughout the enterprise both by meeting security standards needed by enterprises and by making it easier for IT administrators to integrate and manage – and end users to get access to – an application via Okta.

In addition, Sign In with Okta makes it easier for an enterprise to connect its business partners, such as suppliers and contractors, to an application by allowing partners to use their Okta organization credentials to sign in; Sign In with Okta allows partners to bring their own identity. With no responsibility for securing the passwords of a partner, enterprises can eliminate the inherent risks of maintaining third-party passwords. Further, a company can forgo building authentication and managing user credentials for their B2B app, saving time and money with Sign In with Okta.

"Okta makes it easy for OrgWiki users to log in with the right account, similar to sign-in tools for social authentication," said Chris van Loben Sels, General Manager, OrgWiki at Veeva Systems. "Our developers were able to quickly implement business authentication into the application, and deliver customers strong security and identity management across all their users."

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
'Hidden Tunnels' Help Hackers Launch Financial Services Attacks
Kelly Sheridan, Staff Editor, Dark Reading,  6/20/2018
Tesla Employee Steals, Sabotages Company Data
Jai Vijayan, Freelance writer,  6/19/2018
Inside a SamSam Ransomware Attack
Ajit Sancheti, CEO and Co-Founder, Preempt,  6/20/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-12633
PUBLISHED: 2018-06-22
An issue was discovered in the Linux kernel through 4.17.2. vbg_misc_device_ioctl() in drivers/virt/vboxguest/vboxguest_linux.c reads the same user data twice with copy_from_user. The header part of the user data is double-fetched, and a malicious user thread can tamper with the critical variables (...
CVE-2018-12634
PUBLISHED: 2018-06-22
CirCarLife Scada v4.2.4 allows remote attackers to obtain sensitive information via a direct request for the html/log or services/system/info.html URI.
CVE-2018-12635
PUBLISHED: 2018-06-22
CirCarLife Scada v4.2.4 allows unauthorized upgrades via requests to the html/upgrade.html and services/system/firmware.upgrade URIs.
CVE-2018-12630
PUBLISHED: 2018-06-21
NEWMARK (aka New Mark) NMCMS 2.1 allows SQL Injection via the sect_id parameter to the /catalog URI.
CVE-2018-12631
PUBLISHED: 2018-06-21
Redatam7 (formerly Redatam WebServer) allows remote attackers to read arbitrary files via /redbin/rpwebutilities.exe/text?LFN=../ directory traversal.