Okta provides an LDAP interface in the cloud (great for hybrid IT and hybrid cloud deployments). The interface does not require an agent on-premises and supports Multi-Factor Authentication (MFA) over LDAP—even though the LDAP protocol doesn't natively support MFA. In this blog post, I’ll explain why and how Okta does it.

Okta LDAP interface: awesome for hybrid cloud

LDAP (Lightweight Directory Access Protocol) is a protocol typically used by directory servers – such as Active Directory, OpenLDAP, and Oracle Internet Directory – to store user and group data on-premises. Okta recently released the LDAP interface, a feature that allows customers to implement hybrid cloud deployments by consuming Okta via LDAP in the cloud.

Conceptual diagram of the LDAP interface. No agents required on-premises.

Essentially, the LDAP interface supports user authentication and searches. It’s a huge hit with our customers, as it reduces the cost of integrating with systems.