Okta + HYPR

Safely eliminate passwords and reduce the risk of credential attacks and security breaches

The Challenge

  • User credentials and other shared secrets are under attack, because stealing passwords and logging in to systems is easier for bad actors than hacking in
  • The problem with passwords is that they can be hard to remember for legitimate users and easy to steal and exploit by credential harvesters and other bad actors
  • Enterprises are looking for options to provide smooth,

The Solution

Okta + HYPR combine to provide a fast, secure, passwordless login experience to web and mobile apps, desktops, and VDIs

Employees can register their mobile device once, then authenticate password-free to web and mobile apps or Windows, MacOS, and VDI workstations on an ongoing basis

Similarly, customers can be prompted from within an Okta-protected app to register their mobile device once to enjoy passwordless authentication into the app thereafter

Enterprises can customize the authentication factors required (e.g. biometrics), generally, or optionally at the individual app level and even at the transaction level

Enjoy a fast, secure, and seamless user login experience

Okta, the leading identity provider for the enterprise, integrates with HYPR, the leader in secure passwordless authentication, to enable a fast, smooth login experience that replaces passwords and shared secrets with mobile-based biometrics and advanced public-key cryptography.

The Okta + HYPR integration can be used for workforce and consumer use cases:

  • For workforces, employees (or other authorized workforce users) first register their device with HYPR so it can be used in the passwordless authentication workflow. A public key/private key exchange associates the user’s mobile device with their account in Okta, and they can login subsequently with no password, just a factor check (like face recognition, for example), based on policies set in HYPR.


Okta and HYPR.


  • Consumers trying to access an Okta-protected app will first be prompted from within the app to pair their device with their user account. Once the initial pairing is complete, customers can access the application on subsequent logins using the passwordless authentication flow, incorporating a biometric factor such as Touch ID and/or face recognition.


Okta + HYPR.


In addition, Okta’s Custom SAML authenticators can optionally be added to enable specific per-application or per-transaction authentication policies as well. On the workforce front, a passwordless authentication policy could be set so that employees accessing Salesforce, for example, have to do so through HYPR using biometrics. On the customer front, a passwordless authentication policy could require bank customers to authenticate through HYPR above a certain transaction value, for example.


Secure your users with FIDO-certified decentralized authentication

Passwords offer tempting targets to threat actors, and make your enterprise inherently vulnerable to fraud and expensive to protect. Okta and HYPR work together to remove the target of attack by securely removing the need for those credentials. With Okta as the identity provider backing HYPR’s passwordless authentication solution, enterprises can employ true, FIDO-powered and PSD2-compliant passwordless authentication at scale, and offer cross-cloud and cross-platform passwordless login to web and mobile apps and to Windows, MacOS, and VDI workstations for consumers, employees, contractors, and other authorized end users.

  • Protect your enterprise from fraud with secure, passwordless authentication
  • Eliminate passwords and shared secrets across your enterprise, removing the prime target for credential attacks
  • Give employees and consumers a fast, easy, secure login experience across platforms that keeps them happy and gets them productive quickly
  • Provide comprehensive, cross-platform authentication, strengthen security, and simplify the user experience