Authentication

Get scalable authentication built right into your application without the development overhead, security risks, and maintenance that come from building it yourself. Our API allows your team to deploy user authentication to your application in a matter of minutes – not days.

Okta gives developers:

Pre-built login and registration screens

Built-in account verification & password reset flows

Customizable verification + welcome emails

A complete user admin UI to manage your users

Strong password security, enforcement and encryption

A hosted user database that you control

Token-based authentication

How it works

1

Use our pre-built UI elements, or design your own login form

2

Securely call Okta behind the scenes to log the user in

3

Get the tokens and user details your application needs

Social Login

Take the headache out of social login with Okta's social login support. We handle the connections and provide an easy way for your users to log in with a social account.

Support for:

Microsoft, Facebook, Google, LinkedIn

Simple social login with easy authorization and rich user data

  • Register & login users with credentials they already know
  • Drastically streamlined identity provider connections
  • Add authorization and data to your social accounts

Multi-factor authentication

Multi-factor Authentication (sometimes called two-factor authentication) is a best practice that adds another layer of security to your user login. Okta enables you to quickly and easily add MFA to your security strategy without compromising user experience or creating extra work for your dev team.

Factors:

  • SMS
  • Push verification
  • One-time passwords (TOTP)
  • Phone calls
  • Yubikey

Standards

OpenID Connect

Okta is certified for OpenID Connect for Basic, Implicit, Hybrid, and Publishing Configuration Information (Config OP).

OpenID Connect is a simple identity layer on top of the OAuth 2.0 protocol, which allows clients to verify the identity of an end user based on the authentication performed by an authorization server.

OpenID Connect allows a range of clients to request and receive information about authenticated sessions and end users, including web-based clients, mobile apps, and JavaScript clients.

 

SAML

Okta accepts unlimited inbound SAML connections.

Our SAML integration supports any IdP – enterprise, open source, or home-grown. Okta can be a SAML IdP and can help your users SSO into third-party apps, like Zendesk, Workday, and Salesforce.

Support individual SAML IdPs per customer organization, giving your application the ability to federate authentication to the right IdP.

Your users can log in once and access all your applications, without needing to reauthenticate or change credentials.