Over the past decade, and even more swiftly since the time of the COVID-19 pandemic, digital transformation of the workplace has primarily been driven by applications. Apps have become an integral part of everyday life for many organizations. Modern applications are complex. Their functionality frequently relies on APIs and third-party integrations, leading to an increased attack surface and more security vulnerabilities. A data breach or an attacker exploiting a security weakness can permanently damage your...

Read more

Note: In May 2025, the Okta Integrator Free Plan replaced Okta Developer Edition Accounts, and the Okta CLI was deprecated. We preserved this post for reference, but the instructions no longer work exactly as written. Replace the Okta CLI commands by manually configuring Okta following the instructions in our Developer Documentation. Elasticsearch is one of the most powerful and popular search engines on the market. Elasticsearch lets you search through vast amounts of data, whether...

Read more

If you’re building or managing an API, you’re probably using an API gateway to help you manage it. Hopefully, you’re also using OAuth and an identity provider (IdP) like Okta to secure your API through the gateway. Maybe you’ve also discovered that getting the “OAuth dance” working properly among the gateway, IdP, and application can be tricky. I’ve worked with a lot of different API gateways and want to provide some guidance and tools to...

Read more