Last updated: Apr 13, 2021

Integration detail



HUMAN is a cybersecurity company that protects enterprises from bot attacks to keep digital experiences human. Its Human Verification Engine protects applications, APIs, and digital media from bot attacks preventing losses and improving the digital experience for real humans. Powered by the Human Verification Engine, HUMAN’s Application Integrity service detects and mitigates sophisticated bot activities including Account Takeover, New Account Fraud, Payment Fraud and Content & Experience Abuse to lower fraud loss and preserve customer trust and user experience.

Okta allies with HUMAN’s Application Integrity service to provide Continuous Authentication, detecting and preventing sophisticated bots and automated attacks from abusing the features of your web and mobile app landscapes. The Application Integrity service is powered by HUMAN’s unparalleled Technical Evidence - HUMAN’s unique ability to collect more than 2,500 device, network and user signals. Technical Evidence is gathered pre and post-login as users use your apps. More than 300 decisioning algorithms are continuously applied to collected Technical Evidence to deliver contextual risk assessment insights to Okta. Risk assessments are passed to the Okta platform in real-time, allowing Okta to challenge, deny and grant individual access based on your organization’s configurable response policy.

The Challenge

  • Web and mobile application layer threats are persistent, varied and increasingly sophisticated.
  • Increased security methods including CAPTCHA and MFA introduce unwanted user friction.
  • Siloed systems present difficulties to determining risk levels associated with individual user accounts and offer no ability to achieve a coordinated response.
  • Binary “block or allow” decisioning logic lacks context.
  • Long lived authorization tokens result in stale security posture.
  • Customers are adopting a CARTA like framework for securing their customers. They want to assess user, devices, network and application actions throughout a continuous user journey.

The Solution: A Best-of-breed architecture for continuous authentication with HUMAN and Okta

HUMAN’s Application Integrity service passes continuous pre-login and in-session risk assessment signals informed by HUMAN’s multilayered detection technology to Okta. Okta can then take action based on contextual policies where delivered HUMAN risk insights are considered. Adaptive risk intelligence assesses users continuously yet invisibly and throughout the Okta (IDP) and Service Provider (SP) ecosystem. The combination continuously mitigates the risk of Account Takeover, New Account Fraud, Transaction Fraud, and Content & Experience Abuse, reducing security and fraud risk while preserving a frictionless and enjoyable digital experience for your end-users.

Continuous and comprehensive protection spanning Pre & Post Login across Web & Mobile

Frictionless protection that’s invisible to End-Users

High-Fidelity detection leveraging  2,500+ Signals,  300+ Detection Algorithms

Human powered by global threat intel experts serving as your trusted advisors

Integration Approach

HUMAN’s Application Integrity product supports integration using Risk EcoSystem API capability. Mutual customers who leverage  Okta’s Adaptive MFA and HUMAN Application Integrity can ingest IP based risk signals sent from HUMAN in Okta's risk based authentication experience.

This capability enables IP based security co-relation to better block suspicious IPs that might be associated with the  likelihood of account takeover attacks.

Okta Verified
Okta Verified
The integration was either created by Okta or by Okta community users and then tested and verified by Okta.

Languages Supported