Okta Customer Identity Reviews

We are using this solution for access management and user provisioning. We are also using it for user and group synchronization and as a password for authentication.

The pass-through authentication is very useful. You don't have to set up another ADFS. Instead, you can just authenticate your resources for services from the cloud to AD on-premises through the pass-through authentication. There is no password hash saved on the cloud, which is the part that I like the most.

The functioning of Azure AD Connect for both user and group synchronization is very smooth.

I would like to see the provisioning simplified. When it comes to certain tasks, such as where it is activated on-premises, Azure AD is simpler than Okta.

SSO functionality needs better client support.

I have been working with Okta Customer Identity for two years.

We have had no issues with respect to stability.

The scalability is good.

I have been in touch with the technical support from Okta and they are very good. They answered my questions quickly and supported me very well.

The initial setup is straightforward.

Once we started, we received help from the Microsoft team and it was really good. We were able to complete the installation easily.

I would rate this solution a nine out of ten.

We use Okta for single sign-on (SSO) of multiple applications, access management, and multi-factor authentication (MFA).

Prior to implementing Okta for our environment, we had our users (15,000-plus) contact the Service Desk to reset their passwords if forgotten or they were locked out. Even though we had a self-service password reset solution in place, it was not user-friendly and effective. Particularly, in the case of a lockout, you could not log in to the computer to use the self-service solution and had no other option than to call the Service Desk team.

However, once we implemented the self-service password reset (SSPR) through Okta, we directed the users to use it themselves and everyone found it easy. Also, Okta, being a cloud-based web solution, you can log in from anywhere, anytime with a device that has internet access. It became a simple process and, obviously, the number of calls to the Service Desk came down drastically, reducing our man-hours and cutting costs. This was a big money saver, which was much appreciated by our clients.

The Single Sign-On and MFA features are most valuable.

The Identity Management part can be improved a bit.

No issues with stability.

No issues with scalability.

I would give tech support a 10 out of 10. They are really awesome. Even for a free/demo account, if you raise a case they are very fast to respond and their support options are excellent.

CA SiteMinder. Our client decided to switch to a cloud-based IAM solution instead of an on-prem solution.

Setup is not at all complicated. It is as simple as watching the instruction videos for setup and then doing it yourself.

Pricing might be high, but it comes down when the number of people using the product goes up. Check Okta's website for exact pricing or contact their sales team for exact figures.

We did evaluate SailPoint, SecureAuth, and ForgeRock and finally decided to go with Okta because of its user-friendly environment, high stability, and ease of implementation.

If you are not concerned by the cost and are looking for a secure IAM solution with great stability and excellent support, then go for it.

It's mostly used for customer-facing applications (Customer Identity Management). API management and self-service flows are the most utilized capabilities. It offers a lot of customization in terms of branding, email notifications, and creating a good end-user experience.

For remote access, we have solutions proposed, like Okta Identity Engine (OIE). It has more capabilities than the classic engines. The certificate-based system is one thing, and third-party tools like Intune and Jamf for iOS devices. There is a trust relationship between these device management tools, and that contributes to control over the end-user devices.

Okta has introduced the Universal Directory. It has custom attribute capability and user permissions to read/write on their profiles or hide them. Profile sources and identity profile sourcing are two different components that I haven't seen in other products. 

Okta can import many attributes into the Okta profile and send attributes from the engines. Multiple sources of truths and profile inheritance are done in granular ways. This plays a major role in ABACs going forward.

Okta's MFA features are good. Okta is looking forward with more on the push or less, relying on the Okta Verify factors. But it also has extensive capabilities for Ubiquiti. It's adopting a layer-by-layer upgrade in developing the policies, like MFAs. 

Okta has more when it comes to the policy level. It has distinctive features where you can do a mix and combination to have users access applications for various business cases. That's something unique and a selling feature.

For security protocols we use most security protocols, such as OIDC and SAML.

Okta has a limitation with directory integrations. If you have multiple Active Directory integrations, the user distinguished name (DN) and the manager DN don't get imported properly into the Okta user profile. It has a property of Get AD user's property, but that has limitations when writing an expression language to import changes or updates to user DNs or manager DNs from AD, especially if you have AD master users.

Also, Okta doesn't have a partial push. It pushes down the full profile schema for lifecycle management or provisioning. Even if only one attribute gets updated, even though it is unmapped, it can override other values in the downstream application by nullifying the query. That's the biggest flaw in my experience.

The product releases a lot of brand-new features within the quarterly releases. There's a feature roadmap for Okta CIM, and most of it is coming in with a lot of users or the customer side.  

It's definitely the leading Identity Access Management cloud platform. I have experience with Okta for almost six to eight years now. 

I've been an Okta-certified consultant since last year. I got an opportunity to work on the workforce as well as the customer side. 

I have experience with more than eight Okta tenants parallelly due to various business cases across my career. Ultimately, this product itself is a pioneer in Identity Access Management.

It's pretty much stable most of the time, but I have come across a lot more outages recently within Okta. 

 But, Okta is definitely a very good product.

Scalability works very well. I've worked so far with Okta. It's like the heartbeat of that company. If Okta goes down, people are unable to authenticate anywhere. They can't get into applications. So there's a lot of dependency on Okta within the businesses and environments that I've seen so far. It's very critical.

The customer service and support are awesome. They have a CSM assigned for each organization, and they are pretty much responsive to any events that occur. Or if there are any escalations or incidents that impact the business, they're pretty much around in a timely fashion to support the organization. 

We have the flexibility with our CSMs to reach them in any manner, email or phone, and they're available most of the time. Very good.

Positive

We have long relationships with other vendors for things like Identity Governance and Privileged Access Management. But one thing I've noticed is that Okta has been expanding into wider ranges. However, there are limits and restrictions to the existing features, which are not fully developed yet. I think they've added a lot of tech in the last couple of years.

It's always smooth and straightforward to set up, but we can definitely have a bit of complex solutions.

I'm not a hundred percent sure about the return of interest because it is very much dependent on the size of the organization.

I came from smaller organizations working, like, midscale to, like, large scale. So overall, like, the security breach, like, there are, like, two to three security reasons that have happened, but nothing has been, like, damage so far for the organization. 

So, investing more in Identity access management is a critical investment for any operation as applications are moving to like cloud and SaaS-based. So there is, like, a dire need to protect the digital identities of enterprise tech employees as well as their customers. 

There are a lot of features you can automate. Okta Workflows is a key feature that has a separate pricing than adaptive MFA or SSO. It's a combination, but Okta has features and capabilities to reduce the IT burden. Within my experience, it's been helpful so far with a lot of overhead work that comes with onboarding, offboarding.

The pricing model for the Customer Identity product is based on Monthly Unique Users (MUI).

The pricing itself is a bit more expensive than the other products in the market so far. Since I know the product is in full demand. But, again, the price texture, features, and everything suits well for small to medium, for sure. 

But, for larger organizations, it's more expensive than the other platforms. But, usually, licensing is a bit expensive.

I definitely recommend Okta.

Every organization needs workforce productivity as well as customer security. The need is definitely there for any enterprise or organization to protect their identity. Customer security also plays the utmost role in protecting customer data.

Overall, I would rate the solution an eight out of ten. 

The primary use case of this solution is for access management, multi-integration, and passwordless access.

The most valuable feature of this solution for most customers is access management.

There are also some different views on Biometrics.

This solution would be improved by adding more biometrics features. One example is Cyberside Biometrics.

The technical support is good but needs to improve in their response time.

In the next release, I would like to see biometrics, multi-factor authentication, and to rely more on the mobile or something different on CyberSide.

I have been using this solution for one year.

Normally we deploy it on public Cloud, so it should be scalable.

I have been told that it's quite easy to integrate on Cloud. The scalability then depends on the third-party Cloud provider.

Our latest customers have over two hundred thousand users in a medium-sized company.

The technical support is good but not very responsive regarding my needs in getting details. They are difficult to reach and to get them involved.

I was not a part of the initial setup, but the feedback that I received was that the initial setup was quite straightforward.

Normally we do the implementation ourselves. We are one of the largest integrators worldwide.

My advice to others is to be aware of their current infrastructure.

The integration points have to be very clear to the customer to facilitate the main integration. Otherwise, it makes things very complex.

I would rate this solution an eight out of ten.

The main use for the solution is for security. It can provide multifactor authentication to allow more security when accessing server applications or different types of services.

I think all the functions of the solution are vital and important because life cycle management is important for some companies. The Single Sign-On feature is fantastic for different customers and advanced server access is really good for access to the servers.

All of the governance functionality and privileged account management could be improved.

I have been using the solution for approximately six months.

The stability of the solution is great.

There are approximately 50 people using the solution in my company.

We have been satisfied with the support for this solution.

I have heard my technical team say the installation is easy.

The price of the solution is fair for what it offers.

I would recommend this solution.

I rate Okta Customer Identity a nine out of ten.