Okta Identity Engine
To create tailored, unique identity experiences, organizations have traditionally been faced with a choice:
The Okta Identity Engine is a set of customizable building blocks for every access experience, breaking apart pre-defined authentication, authorization and registration flows.
Customers can create dynamic, context-based user journeys, unlocking the ability to address an unlimited number of identity use cases with minimal custom code. Use context about the user, device, app, network, and intent to inform the identity journey of any user, adapting that access experience accordingly. The Okta Identity Engine is made up of a sequence of individual Steps that can handle the entire user journey from registration to authentication to authorization.
You can customize the behavior of each Step with Components. Components give you the ability to evaluate policies, trigger Hooks, publish events, prompt the user for action, or direct to an external service. Customizations can vary depending on the use case and the context applied. This means you can configure Okta to skip Steps in the engine. And, you can choose different Steps to run and skip for any app or at any point in the experience, creating a variety of identity sequences.
Based on the customizations applied, Okta can take further actions within each Step to progress the user through their journey:
Use cases enabled by the Okta Identity Engine include:
Allows organizations to eliminate the password. Rather than enrolling a password in an authentication sequence, organizations can use an email magic link to authenticate a user. Organizations can use a passwordless flow for some applications, but for others, require a stronger factor, such as email, push or WebAuthn.
Passwordless authentication using an email-based magic link
Flexible account recovery
Offer modern authentication factors for your users to reset their forgotten password. Instead of being limited to less secure recovery methods such as security questions or SMS, your users can now reset their credentials using more secure factors such as Okta Verify Push and WebAuthN. This improves your end user’s access experience, strengthens your security posture, and decreases your IT Help desk tickets.
Give your users more options to recover their accounts
To optimize the user experience, enterprises can configure registration for less friction. Minimize initial enrollment with minimal fields to fill, while configuring a later enrollment to require that a user input additional information. For example, an ecommerce site may want to ask for an email address when a user first engages, but then ask for a home address and phone number before making a purchase.
Incrementally build customer profiles over the customer’s lifetime by adding progressive profiling for required and optional attributes.
Crafting trusted, tailored user journeys
Putting it all together, organizations can build unique access experiences that are deeply integrated with the rest of their technology stack. For example, a consumer-facing experience looking to minimize friction and abandonment during the registration process could create an experience asks the consumer to just register their name and email. Once registered, an Event Hook can automatically push that user into an email campaign in their email marketing software, Marketo.
If the consumer then indicates greater engagement or now wants to access a more sensitive area of the customer experience, that new context of an existing user accessing a higher-risk app can be used in the Okta Identity Engine to tailor the next part of the user journey. For example, you may now want to validate the consumer’s email address and authenticate them with an email magic link. Further, you may choose to ask for additional information from the consumer, with progressive profiling, before authorizing them to proceed.
But that’s just the beginning. With Okta Hooks and Okta Identity Engine, Okta can be securely customized to be the foundation for any digital experience imaginable. A selection of the use cases unlocked include:
"Albertsons interacts with over 34 million customers a week, providing the products they want, at a fair price, with great customer service. As one of the largest grocers in the country, we recognize how important it is to adapt and grow, meeting our customers wherever they are. The Okta Identity Engine provides us with a flexible solution to digital identity."
– Ramiya Iyer, Global Vice President of IT, Digital and Marketing of Albertsons