We’ve been discussing and reflecting on the Future of Identity over the last couple of months. It’s apparent to us that Identity is rapidly growing in its complexity. The surface area that our customers need to protect is growing, like a sunrise revealing a hidden terrain in the morning twilight. We realize that in a short time, the growing demands of customers will start to influence the roadmaps of SaaS companies and their developers to...

Read more

In OAuth, a valid access token grants the caller access to resources and the ability to perform actions on the resources. This means the access token is powerful and dangerous if it falls into malicious hands. The traditional bearer token scheme means the token grants anyone who possesses it access. A new OAuth 2.0 extension specification, Demonstrating Proof of Possession (DPoP), defines a standard way that binds the access token to the OAuth client sending...

Read more

We use access tokens to request data and perform actions within our software systems. The client application sends a bearer token to the resource server. The resource server checks the validity of the access token before acting upon the HTTP request. What happens if the requesting party is malicious, steals your token, and makes a fraudulent API call? Would the resource server honor the HTTP request? If you use a bearer token, the answer is...

Read more

SMS has long played an important role as a universally applicable method of verifying a user’s identity via one-time passcodes. And over the last decade, SMS and voice-based Multifactor Authentication has prevented untold attempts to compromise user accounts But it’s time to move on.” Ben King, VP Customer Trust: BYO Telephony and the future of SMS at Okta SMS/Voice is too SIMple The one-time passcode (OTP) you send using SMS or Voice may not go...

Read more

PowerShell is a powerful command-line interface for automating tasks, scripting, and managing systems. Okta offers an official PowerShell module, an extremely powerful tool for administering your Okta org. In this blog post, we’ll explore how to utilize this. You’ll need a PowerShell terminal for your OS and the Okta PowerShell module. Install it through the PS Gallery, Chocolatey Package Manager, or the GitHub repository. Follow the instructions in the GitHub repository’s ReadMe to install the...

Read more

The Okta Workforce Identity Developer Podcast returns to discuss the OpenID Foundation’s Shared Signals Framework. Watch on the OktaDev YouTube channel Learn more about the Shared Signals Framework You can explore the Shared Signals Framework at sharedsignals.guide, and learn about Jamf’s SSF integration here. If you’d like to join a pilot program for using SSF to integrate with Okta, contact us at dev-advocacy at okta dot com. If signals about security events were available, which...

Read more

We are excited to have a presence at RSA Conference 2024! On Tuesday, May 7th, we will speak on Identity: Your key to stop breaches. Consider why you don’t want to miss this session: Attackers are not breaking in – they are logging in. Exploiting weak passwords, phishing credentials, and navigating privileged access is a hacker’s easiest way to infiltrate your organization. How can you fight back? Done right, identity is your first line of...

Read more

Your enterprise customers expect you to safeguard them from common security incidents, especially when it comes to compromised user accounts. Perhaps a user has signed in from a known stolen device or another country outside the list of allowed IP zones. If a hacker is masquerading as one of your customer’s employees, potentially accessing sensitive company data, you must end their session and sign them out of your app immediately. Bottom line, if you build...

Read more

The Okta Workforce Identity Developer Podcast returns with an exploration of our latest new developer tool, the Okta PowerShell Module! Watch on the OktaDev YouTube channel You can find the source of the Okta PowerShell Module, and documentation in the README, on GitHub. Below is the example code discussed in the podcast episode. Example: Interactively create Okta groups and group rules with PowerShell Install PowerShell module via PSGallery Install-Module -Name Okta.PowerShell Set up the OAuth...

Read more

If you use Okta’s embedded Sign-In Widget, users logging in via Chrome may encounter problems starting January 1st 2025. That’s when Okta’s extension to Google disabling the use of third-party cookies ends. You can test if your setup is impacted, and if so, implement one of the recommended fixes. To test your setup, see Test your login experience below. There’s also a temporary solution, though that stops working at the end of 2024. Update your...

Read more