We're Hiring

Software Engineer - Core Technology (Sr./Staff/Principal)
Software Engineer - Directories Platform (Sr./Staff/Principal)
Software Engineer - Federations Platform (Sr./Staff/Principal)
Software Engineer - Performance (Sr./Staff/Principal)
Software Engineer - Security (Sr./Staff/Principal)
Sr. Software Engineer - Generalist
Sr. Customer Success Manager
Sr. Manager, Partner Marketing (EMEA)
Emerging Markets Account Executive (UK)
Financial Reporting and Technical Accounting Manager
Senior Accountant
Developer Evangelist
Lead UX Researcher
Senior Product Manager, Enterprise Mobility
Senior Product Manager, User Experience and Growth
Sr Manager of Product Management, Microsoft Technology and Integrations (Seattle or San Francisco)
Sr. Manager - Product Marketing, Mobility and Devices
Sr. Manager/Director, Product Marketing, Microsoft Solutions
Technical Marketing Manager
Knowledge Architect
Sr. Customer Success Manager
Director, Sales Strategy & GTM Operations
Sales Operations Manager
Sr. Data Analyst
Sr. Data Engineer
Sr. Sales Operations Associate
Cloud Enterprise Architect
Sr. Technical Consultant
Sr. Technical Consultant
Sr. Technical Consultant
Sr. Technical Consultant
QA Manager
Quality Engineer - Mobile (Sr./Staff/Principal)
Quality Engineer - Mobile (Sr./Staff/Principal)
Release/Tools Engineer
Site Reliability Engineer (Senior/Staff/Principal)
Software Engineer - Core Technology (Sr./Staff/Principal)
Software Engineer - Directories Platform
Software Engineer - Federations Platform
Software Engineer - Mobility Management - Server (Sr./Staff/Principal)
Software Engineer – Mobility Management (Principal/Architect)
Software Engineer - O365 Identity Management (Sr./Staff/Principal)
Software Engineer - O365 Identity Management (Sr./Staff/Principal)
Software Engineer - Performance (Sr./Staff/Principal)
Software Engineer - Security (Sr./Staff/Principal)
Software Engineer - Security (Sr./Staff/Principal)
Software Engineer - UI Data Visualization (Sr./Staff/Prin.)
Software Engineer - UI Mobility Management
Software Engineer - UI Okta Cloud Connect (Sr./Staff/Principal)
Software Engineer in Test - Analytics & Reporting (Sr./Staff/Principal)
Software Engineer in Test - O365 Identity Management
FP&A Analyst
Senior Revenue Accountant
Information Security Engineer/Sr Information Security Engineer
Sr. Penetration Testing Engineer
Director, People Operations
Principal/Sr. Systems Architect
Associate General Counsel
Manager of Stock Administration
Email Marketing Specialist
Enterprise - Regional Sales Manager (Atlanta)
Enterprise - Regional Sales Manager (Boston)
Enterprise - Regional Sales Manager (Houston)
Enterprise - Regional Sales Manager (NY Metro)
Enterprise - Regional Sales Manager (Washinton DC)
Field Account Executive - Midwest (IL/MI/MN)
Field Account Executive - Rocky Mountains/Desert
Sales Development Representative
Sales Engineer
Senior Sales Training Manager
Sr. Sales Engineer
Technical Support Engineer
Director, Business Development - ISV Partner Ecosystem
Manager, Business Development
Manager, Business Development
Senior Director, Channel Sales -- Global System Integrators

Simple, Comprehensive, Robust

Extend Active Directory & LDAP to the Cloud

More Active Directory Resources


Okta's Active Directory Integration



Okta Directory Integration - An Architecture Overview



Three Ways to Integrate Active Directory with Your SaaS Applications



Three Ways to Extend Active Directory to Your Cloud Apps

Watch Now

In the majority of enterprises, Microsoft’s Active Directory (AD) is the authoritative user directory that governs access to key business applications. SaaS applications were developed with their own native user directories and because they run outside of the firewall, are typically beyond the reach of Active Directory. As a result users have to remember multiple usernames and logins and IT has to create, manage and map user accounts in AD and across their SaaS applications. Clearly these applications must be integrated with Active Directory in order to accelerate their adoption.

Okta offers the industry’s most complete, robust and easy to use Active Directory single sign-on integration.

Active directory SSO set up and configuration

Active directory SSO set up and configuration

Simple Set Up and Configuration

Enabling Active Directory single sign-on integration is a simple, wizard driven process. With the click of a button from the Okta administrative console you can download the Okta Active Directory agent and install it on any Windows Server that has access to your Domain Controller. Once installed you simply enter your Okta URL and credentials and the agent securely establishes a connection with your Okta instance — no network or firewall configuration required.

The rest of the configuration takes place centrally from the Okta administration console and covers setting up the AD integration account, specifying the target OUs and determining the schedule for ongoing user imports.

Learn more - Okta's Active Directory Integration Architectural Overview Whitepaper

Active directory SSO synchronization

Active directory SSO synchronization

Intelligent User Synchronization

Once the agent is installed and the initial user import takes place Okta intelligently processes the results. Matching algorithms are applied to analyze the incoming AD users and determine if there is a match to existing Okta users or to accounts that you have imported from other SaaS systems. Future user imports can be scheduled or performed on demand.

Active directory SSO authentication

Active directory SSO authentication

Robust Delegated Authentication

Okta’s Active Directory single sign-on integration also allows you to delegate the authentication into Okta, to your on-premises AD Domain. Users can easily log into Okta using their Okta username and active directory password.

As this feature governs user access into Okta, the architecture also support multiple Okta AD agents running in your environment to provide higher throughput, redundancy and thus greater availability. If one of the agents stops running or loses network connectivity, the authentication requests are simply routed to the other agents.

Integrated Desktop Single Sign-On

Okta leverages Microsoft’s Integrated Windows Authentication to seamlessly authenticate users to Okta that are already authenticated with their Windows domain. You simply download and install Okta’s IWA web application, configure the relevant IP ranges, and the setup is complete.

Both Mac and PC users can simply log into their corporate network once and access any cloud application with a single click. No additional usernames or passwords required, just like on-premises apps.

Security Group Driven Provisioning

Through the use of Active Directory security groups, Okta can automatically provision applications to users. Just add a user to AD, place them in a security group, and when synchronized with Okta that user will be added, and an account in the application mapped to that security group will be automatically provisioned on their behalf.

One Click Deprovisioning

User deactivation is typically triggered from a corporate identity store such as Active Directory. With Okta’s Centralized Deprovisioning, deactivating a user in AD initiates a deprovisioning workflow immediately to ensure maximum effectiveness in preventing rogue access to Okta and other cloud applications.

Self Service Password Reset

Your users can also change their Active Directory password via Okta. When a user's AD password expires or is reset they will automatically be prompted to change it the next time they log in to Okta. Users can also proactively change their AD password directly from the account tab on their Okta homepage, and Okta keeps all of these credentials synchronized with AD.

Oktane 15

November 2 - 4, Las Vegas

Industry leading identity and mobility conference designed to showcase best practices for cloud and mobile adoption.