We recommend redirecting users to authenticate via the Okta-hosted sign-in page powered by the Okta Identity Engine (OIE) for your custom-built applications. It’s the most secure method for authenticating. You don’t have to manage credentials in your code and can take advantage of the strongest authentication factors without requiring any code changes. The Okta Sign-In Widget (SIW) built into the sign-in page does the heavy lifting of supporting the authentication factors required by your organization....

Read more

Building secure and seamless sign-in experiences is a core challenge for today’s iOS developers. Users expect authentication that feels instant, yet protects them with strong safeguards like multi-factor authentication (MFA). With Okta’s DirectAuth and push notification support, you can achieve both – delivering native, phishing-resistant MFA flows without ever leaving your app. In this post, we’ll walk you through how to: Set up your Okta developer account Configure your Okta org for DirectAuth and push...

Read more

When you choose Okta as your IAM provider, one of the features you get access to is customizing your Okta-hosted Sign-In Widget (SIW), which is our recommended method for the highest levels of identity security. It’s a customizable JavaScript component that provides a ready-made login interface you can use immediately as part of your web application. The Okta Identity Engine (OIE) utilizes authentication policies to drive authentication challenges, and the SIW supports various authentication factors,...

Read more

As AI agents and AI threats proliferate at an unprecedented rate, it becomes imperative to enable them to communicate safely with the backend systems that matter the most. A Model Context Protocol (MCP) server acts as the bridge between an LLM and an external system. It translates natural language intent into structured API calls, enabling agents to perform tasks like provisioning users, managing groups, or pulling reports, all while respecting the system’s security model. Establishing...

Read more

Secure access with enterprise IT oversight between independent applications that communicate with each other is a recognized gap in OAuth 2.0. Enterprises can’t effectively regulate cross-app communication, as OAuth 2.0 consent screens rely on users granting access to their individual accounts. Now, with the advent of AI agents that communicate across systems, the need to solve the gap is even greater – especially given the growing importance of enterprise AI security in protecting sensitive data...

Read more

Modern mobile applications require robust security solutions, especially when handling sensitive user data or enterprise-level access. Okta offers a powerful identity platform, and with the BrowserSignIn module from its Swift SDK, adding secure login to your iOS app becomes scalable and straightforward. In this post, you’ll learn how to: Set up your Okta developer account Configure your iOS app for authentication using best practices Customize the authentication experience with MFA policies Create an AuthService testable...

Read more

AI is taking over the world by storm! This year, AI is our focus at Oktane. We want to ensure you have the tools, the know-how, and solutions to keep your software systems secure, from traditional user apps to AI agents. We can’t wait to meet you and hear about your application needs and challenges. Join us at Caesars Forum in Las Vegas, NV, on September 24-26, 2025, for Oktane, and let’s nerd out on...

Read more

Identity-based attacks have become prevalent, and successful attacks are impactful. Attackers use increasingly sophisticated ways to breach privileged systems, so we must defend our accounts by elevating our identity security methods. Okta is committed to leading the industry in combating identity-based attacks through initiatives like the Secure Identity Commitment. Here are actionable steps you can take to protect your applications. Table of Contents Identity assurance is the goal Demystifying authentication factors Embrace phishing-resistant authentication Avoid...

Read more

Digital applications constantly deal with identities. It’s important to verify identity at the application’s front door through authentication. Several mature and sophisticated techniques and standards for user authentication, such as OpenID Connect (OIDC) and Security Assertion Markup Language (SAML), allow a trusted identity provider (IDP) to securely authenticate the user before allowing access to an application. However, front door authentication is not the only context in which identities must be verified. Consider the following scenarios:...

Read more

Every web application needs authentication, but building it yourself is risky and time-consuming. Instead of starting from scratch, you can integrate Okta to manage user identity and pair Passport with the openid-client library in Express to simplify and secure the login flow. In this tutorial, you’ll build a secure, role-based expense dashboard where users can view their expenses tailored to their team. Check out the complete source code on GitHub and get started without setting...

Read more